From ecb9432850549952b9fe14b67fcf6798bbab0261 Mon Sep 17 00:00:00 2001
From: travisutk <travisutk@12e2690d-a6be-4b82-a7b7-67c4a43b65c8>
Date: Sat, 17 Oct 2009 13:06:05 +0000
Subject: [PATCH] GoodFET for Chipcon can erase chip and read/write info flash.
 The protection bit doesn't seem to work, but that's likely a Power-On-Reset
 sort of thing.

git-svn-id: https://svn.code.sf.net/p/goodfet/code/trunk@209 12e2690d-a6be-4b82-a7b7-67c4a43b65c8
---
 client/GoodFETCC.py             |  5 ++++-
 client/goodfet.cc               | 23 +++++++++++++++++++++
 firmware/apps/chipcon/chipcon.c | 36 ++++++++++++++++++++++-----------
 firmware/include/chipcon.h      |  2 ++
 4 files changed, 53 insertions(+), 13 deletions(-)

diff --git a/client/GoodFETCC.py b/client/GoodFETCC.py
index f426a5b..7f6e334 100644
--- a/client/GoodFETCC.py
+++ b/client/GoodFETCC.py
@@ -64,7 +64,10 @@ class GoodFETCC(GoodFET):
     def CCwr_config(self,config):
         """Write the config register of a Chipcon."""
         self.writecmd(0x30,0x81,1,[config&0xFF]);
-    
+    def CClockchip(self):
+        """Set the flash lock bit in info mem."""
+        self.writecmd(0x30, 0x9A, 0, None);
+        
     CCversions={0x0100:"CC1110",
                 0x8500:"CC2430",
                 0x8900:"CC2431",
diff --git a/client/goodfet.cc b/client/goodfet.cc
index badbf7a..e233d65 100755
--- a/client/goodfet.cc
+++ b/client/goodfet.cc
@@ -82,6 +82,25 @@ if(sys.argv[1]=="erase"):
     client.CCchiperase();
     print "Status: %s" %client.CCstatusstr();
 
+if(sys.argv[1]=="peekinfo"):
+    print "Select info flash."
+    client.CCwr_config(1);
+    print "Config is %02x" % client.CCrd_config();
+    
+    start=0x0000;
+    if(len(sys.argv)>2):
+        start=int(sys.argv[2],16);
+    stop=start;
+    if(len(sys.argv)>3):
+        stop=int(sys.argv[3],16);
+    print "Peeking from %04x to %04x." % (start,stop);
+    while start<=stop:
+        print "%04x: %02x" % (start,client.CCpeekcodebyte(start));
+        start=start+1;
+
+if(sys.argv[1]=="config"):
+    print "Config is %02x" % client.CCrd_config();
+
 if(sys.argv[1]=="flash"):
      f=sys.argv[2];
      start=0;
@@ -119,6 +138,10 @@ if(sys.argv[1]=="flash"):
      client.CCflashpage(page);
      print "Flashed final page at %06x" % page;
      
+if(sys.argv[1]=="lock"):
+    print "Status: %s" %client.CCstatusstr();
+    client.CClockchip();
+    print "Status: %s" %client.CCstatusstr();
 if(sys.argv[1]=="flashpage"):
     target=0;
     if(len(sys.argv)>2):
diff --git a/firmware/apps/chipcon/chipcon.c b/firmware/apps/chipcon/chipcon.c
index b2a912d..5bdd360 100644
--- a/firmware/apps/chipcon/chipcon.c
+++ b/firmware/apps/chipcon/chipcon.c
@@ -267,6 +267,25 @@ void cc_wr_config(unsigned char config){
   cccmd(2);
   ccread(1);
 }
+
+//! Locks the chip.
+void cc_lockchip(){
+  debugstr("Locking chip.");
+  cc_wr_config(1);//Select Info Flash 
+  if(!(cc_rd_config()&1))
+    debugstr("Config forgotten!");
+  
+  //Clear config page.
+  cc_pokedatabyte(0xf000,0);
+  cc_write_flash_page(0);
+  if(cc_peekcodebyte(0))
+    debugstr("Failed to clear info flash byte.");
+  
+  cc_wr_config(0);  
+  if(cc_rd_config()&1)
+    debugstr("Stuck in info flash mode!");
+}
+
 //! Read the configuration byte.
 unsigned char cc_rd_config(){
   cmddata[0]=CCCMD_RD_CONFIG; //0x24
@@ -353,15 +372,6 @@ const u8 flash_routine[] = {
 }; 
 
 
-//! Locks the chip.
-void cc_lockchip(){
-  debugstr("Locking chip.");
-  cc_wr_config(1);//Select Info Flash 
-  cc_debug(3, 0x75, 0xAF, 0x00);//MOV FWDATA, #00H
-  //cc_debug(2, 0xF5, 0xAF, 0); //MOV FWDATA, A
-  
-}
-
 //! Copies flash buffer to flash.
 void cc_write_flash_page(u32 adr){
   //Assumes that page has already been written to XDATA 0xF000
@@ -392,6 +402,7 @@ void cc_write_flash_page(u32 adr){
   
   cc_set_pc(0xf000+FLASHPAGE_SIZE);//execute code fragment
   cc_resume();
+  
   //debugstr("Executing.");
   
   
@@ -399,6 +410,7 @@ void cc_write_flash_page(u32 adr){
     P1OUT^=1;//blink LED while flashing
   }
   
+  
   //debugstr("Done flashing.");
   
   P1OUT&=~1;//clear LED
@@ -467,11 +479,11 @@ unsigned char cc_debug(unsigned char len,
   unsigned char cmd=CCCMD_DEBUG_INSTR+(len&0x3);//0x54+len
   CCWRITE;
   cctrans8(cmd);
-  if(len--)
+  if(len>0)
     cctrans8(a);
-  if(len--)
+  if(len>1)
     cctrans8(b);
-  if(len--)
+  if(len>2)
     cctrans8(c);
   CCREAD;
   return cctrans8(0x00);
diff --git a/firmware/include/chipcon.h b/firmware/include/chipcon.h
index e5207cc..3bf3da1 100644
--- a/firmware/include/chipcon.h
+++ b/firmware/include/chipcon.h
@@ -7,6 +7,8 @@
 
 //Chipcon command definitions.
 #define CCCMD_CHIP_ERASE 0x14
+
+//1D or 19?
 #define CCCMD_WR_CONFIG 0x1D
 #define CCCMD_RD_CONFIG 0x24
 #define CCCMD_READ_STATUS 0x34
-- 
2.20.1