jim
/
openocd
0
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 26 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5868 Commits
9 Branches
43 MiB
 
 
 
 
 
 
Tree: 2a8a89edcb
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '2a8a89edcb'
${ noResults }
openocd/src/target/arm920t.c

1724 lines
47 KiB
Raw Blame History 

  1. 

  2. /***************************************************************************

  3.  *   Copyright (C) 2005 by Dominic Rath                                    *

  4.  *   Dominic.Rath@gmx.de                                                   *

  5.  *                                                                         *

  6.  *   This program is free software; you can redistribute it and/or modify  *

  7.  *   it under the terms of the GNU General Public License as published by  *

  8.  *   the Free Software Foundation; either version 2 of the License, or     *

  9.  *   (at your option) any later version.                                   *

  10.  *                                                                         *

  11.  *   This program is distributed in the hope that it will be useful,       *

  12.  *   but WITHOUT ANY WARRANTY; without even the implied warranty of        *

  13.  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the         *

  14.  *   GNU General Public License for more details.                          *

  15.  *                                                                         *

  16.  *   You should have received a copy of the GNU General Public License     *

  17.  *   along with this program; if not, write to the                         *

  18.  *   Free Software Foundation, Inc.,                                       *

  19.  *   59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.             *

  20.  ***************************************************************************/

  21. 

  22. #ifdef HAVE_CONFIG_H

  23. #include "config.h"

  24. #endif

  25. 

  26. #include "arm920t.h"

  27. #include <helper/time_support.h>

  28. #include "target_type.h"

  29. #include "register.h"

  30. #include "arm_opcodes.h"

  31. 

  32. /*

  33.  * For information about the ARM920T, see ARM DDI 0151C especially

  34.  * Chapter 9 about debug support, which shows how to manipulate each

  35.  * of the different scan chains:

  36.  *

  37.  *   0 ... ARM920 signals, e.g. to rest of SOC (unused here)

  38.  *   1 ... debugging; watchpoint and breakpoint status, etc; also

  39.  *	MMU and cache access in conjunction with scan chain 15

  40.  *   2 ... EmbeddedICE

  41.  *   3 ... external boundary scan (SoC-specific, unused here)

  42.  *   4 ... access to cache tag RAM

  43.  *   6 ... ETM9

  44.  *   15 ... access coprocessor 15, "physical" or "interpreted" modes

  45.  *	"interpreted" works with a few actual MRC/MCR instructions

  46.  *	"physical" provides register-like behaviors.  Section 9.6.7

  47.  *	covers these details.

  48.  *

  49.  * The ARM922T is similar, but with smaller caches (8K each, vs 16K).

  50.  */

  51. 

  52. #if 0

  53. #define _DEBUG_INSTRUCTION_EXECUTION_

  54. #endif

  55. 

  56. /* Table 9-8 shows scan chain 15 format during physical access mode, using a

  57.  * dedicated 6-bit address space (encoded in bits 33:38).  Writes use one

  58.  * JTAG scan, while reads use two.

  59.  *

  60.  * Table 9-9 lists the thirteen registers which support physical access.

  61.  * ARM920T_CP15_PHYS_ADDR() constructs the 6-bit reg_addr parameter passed

  62.  * to arm920t_read_cp15_physical() and arm920t_write_cp15_physical().

  63.  *

  64.  *  x == bit[38]

  65.  *  y == bits[37:34]

  66.  *  z == bit[33]

  67.  */

  68. #define ARM920T_CP15_PHYS_ADDR(x, y, z) ((x << 5) | (y << 1) << (z))

  69. 

  70. /* Registers supporting physical Read access (from table 9-9) */

  71. #define CP15PHYS_CACHETYPE      ARM920T_CP15_PHYS_ADDR(0, 0x0, 1)

  72. #define CP15PHYS_ICACHE_IDX     ARM920T_CP15_PHYS_ADDR(1, 0xd, 1)

  73. #define CP15PHYS_DCACHE_IDX     ARM920T_CP15_PHYS_ADDR(1, 0xe, 1)

  74. /* NOTE: several more registers support only physical read access */

  75. 

  76. /* Registers supporting physical Read/Write access (from table 9-9) */

  77. #define CP15PHYS_CTRL           ARM920T_CP15_PHYS_ADDR(0, 0x1, 0)

  78. #define CP15PHYS_PID            ARM920T_CP15_PHYS_ADDR(0, 0xd, 0)

  79. #define CP15PHYS_TESTSTATE      ARM920T_CP15_PHYS_ADDR(0, 0xf, 0)

  80. #define CP15PHYS_ICACHE         ARM920T_CP15_PHYS_ADDR(1, 0x1, 1)

  81. #define CP15PHYS_DCACHE         ARM920T_CP15_PHYS_ADDR(1, 0x2, 1)

  82. 

  83. static int arm920t_read_cp15_physical(struct target *target,

  84. 	int reg_addr, uint32_t *value)

  85. {

  86. 	struct arm920t_common *arm920t = target_to_arm920(target);

  87. 	struct arm_jtag *jtag_info;

  88. 	struct scan_field fields[4];

  89. 	uint8_t access_type_buf = 1;

  90. 	uint8_t reg_addr_buf = reg_addr & 0x3f;

  91. 	uint8_t nr_w_buf = 0;

  92. 	int retval;

  93. 

  94. 	jtag_info = &arm920t->arm7_9_common.jtag_info;

  95. 

  96. 	retval = arm_jtag_scann(jtag_info, 0xf, TAP_IDLE);

  97. 	if (retval != ERROR_OK)

  98. 		return retval;

  99. 	retval = arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL, TAP_IDLE);

  100. 	if (retval != ERROR_OK)

  101. 		return retval;

  102. 

  103. 	fields[0].num_bits = 1;

  104. 	fields[0].out_value = &access_type_buf;

  105. 	fields[0].in_value = NULL;

  106. 

  107. 	fields[1].num_bits = 32;

  108. 	fields[1].out_value = NULL;

  109. 	fields[1].in_value = NULL;

  110. 

  111. 	fields[2].num_bits = 6;

  112. 	fields[2].out_value = &reg_addr_buf;

  113. 	fields[2].in_value = NULL;

  114. 

  115. 	fields[3].num_bits = 1;

  116. 	fields[3].out_value = &nr_w_buf;

  117. 	fields[3].in_value = NULL;

  118. 

  119. 	jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);

  120. 

  121. 	fields[1].in_value = (uint8_t *)value;

  122. 

  123. 	jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);

  124. 

  125. 	jtag_add_callback(arm_le_to_h_u32, (jtag_callback_data_t)value);

  126. 

  127. #ifdef _DEBUG_INSTRUCTION_EXECUTION_

  128. 	jtag_execute_queue();

  129. 	LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, *value);

  130. #endif

  131. 

  132. 	return ERROR_OK;

  133. }

  134. 

  135. static int arm920t_write_cp15_physical(struct target *target,

  136. 	int reg_addr, uint32_t value)

  137. {

  138. 	struct arm920t_common *arm920t = target_to_arm920(target);

  139. 	struct arm_jtag *jtag_info;

  140. 	struct scan_field fields[4];

  141. 	uint8_t access_type_buf = 1;

  142. 	uint8_t reg_addr_buf = reg_addr & 0x3f;

  143. 	uint8_t nr_w_buf = 1;

  144. 	uint8_t value_buf[4];

  145. 	int retval;

  146. 

  147. 	jtag_info = &arm920t->arm7_9_common.jtag_info;

  148. 

  149. 	buf_set_u32(value_buf, 0, 32, value);

  150. 

  151. 	retval = arm_jtag_scann(jtag_info, 0xf, TAP_IDLE);

  152. 	if (retval != ERROR_OK)

  153. 		return retval;

  154. 	retval = arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL, TAP_IDLE);

  155. 	if (retval != ERROR_OK)

  156. 		return retval;

  157. 

  158. 	fields[0].num_bits = 1;

  159. 	fields[0].out_value = &access_type_buf;

  160. 	fields[0].in_value = NULL;

  161. 

  162. 	fields[1].num_bits = 32;

  163. 	fields[1].out_value = value_buf;

  164. 	fields[1].in_value = NULL;

  165. 

  166. 	fields[2].num_bits = 6;

  167. 	fields[2].out_value = &reg_addr_buf;

  168. 	fields[2].in_value = NULL;

  169. 

  170. 	fields[3].num_bits = 1;

  171. 	fields[3].out_value = &nr_w_buf;

  172. 	fields[3].in_value = NULL;

  173. 

  174. 	jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);

  175. 

  176. #ifdef _DEBUG_INSTRUCTION_EXECUTION_

  177. 	LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, value);

  178. #endif

  179. 

  180. 	return ERROR_OK;

  181. }

  182. 

  183. /* See table 9-10 for scan chain 15 format during interpreted access mode.

  184.  * If the TESTSTATE register is set for interpreted access, certain CP15

  185.  * MRC and MCR instructions may be executed through scan chain 15.

  186.  *

  187.  * Tables 9-11, 9-12, and 9-13 show which MRC and MCR instructions can be

  188.  * executed using scan chain 15 interpreted mode.

  189.  */

  190. static int arm920t_execute_cp15(struct target *target, uint32_t cp15_opcode,

  191. 	uint32_t arm_opcode)

  192. {

  193. 	int retval;

  194. 	struct arm920t_common *arm920t = target_to_arm920(target);

  195. 	struct arm_jtag *jtag_info;

  196. 	struct scan_field fields[4];

  197. 	uint8_t access_type_buf = 0;		/* interpreted access */

  198. 	uint8_t reg_addr_buf = 0x0;

  199. 	uint8_t nr_w_buf = 0;

  200. 	uint8_t cp15_opcode_buf[4];

  201. 

  202. 	jtag_info = &arm920t->arm7_9_common.jtag_info;

  203. 

  204. 	retval = arm_jtag_scann(jtag_info, 0xf, TAP_IDLE);

  205. 	if (retval != ERROR_OK)

  206. 		return retval;

  207. 	retval = arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL, TAP_IDLE);

  208. 	if (retval != ERROR_OK)

  209. 		return retval;

  210. 

  211. 	buf_set_u32(cp15_opcode_buf, 0, 32, cp15_opcode);

  212. 

  213. 	fields[0].num_bits = 1;

  214. 	fields[0].out_value = &access_type_buf;

  215. 	fields[0].in_value = NULL;

  216. 

  217. 	fields[1].num_bits = 32;

  218. 	fields[1].out_value = cp15_opcode_buf;

  219. 	fields[1].in_value = NULL;

  220. 

  221. 	fields[2].num_bits = 6;

  222. 	fields[2].out_value = &reg_addr_buf;

  223. 	fields[2].in_value = NULL;

  224. 

  225. 	fields[3].num_bits = 1;

  226. 	fields[3].out_value = &nr_w_buf;

  227. 	fields[3].in_value = NULL;

  228. 

  229. 	jtag_add_dr_scan(jtag_info->tap, 4, fields, TAP_IDLE);

  230. 

  231. 	arm9tdmi_clock_out(jtag_info, arm_opcode, 0, NULL, 0);

  232. 	arm9tdmi_clock_out(jtag_info, ARMV4_5_NOP, 0, NULL, 1);

  233. 	retval = arm7_9_execute_sys_speed(target);

  234. 	if (retval != ERROR_OK)

  235. 		return retval;

  236. 

  237. 	retval = jtag_execute_queue();

  238. 	if (retval != ERROR_OK) {

  239. 		LOG_ERROR("failed executing JTAG queue");

  240. 		return retval;

  241. 	}

  242. 

  243. 	return ERROR_OK;

  244. }

  245. 

  246. static int arm920t_read_cp15_interpreted(struct target *target,

  247. 	uint32_t cp15_opcode, uint32_t address, uint32_t *value)

  248. {

  249. 	struct arm *arm = target_to_arm(target);

  250. 	uint32_t *regs_p[1];

  251. 	uint32_t regs[2];

  252. 	uint32_t cp15c15 = 0x0;

  253. 	struct reg *r = arm->core_cache->reg_list;

  254. 

  255. 	/* load address into R1 */

  256. 	regs[1] = address;

  257. 	arm9tdmi_write_core_regs(target, 0x2, regs);

  258. 

  259. 	/* read-modify-write CP15 test state register

  260. 	* to enable interpreted access mode */

  261. 	arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);

  262. 	jtag_execute_queue();

  263. 	cp15c15 |= 1;	/* set interpret mode */

  264. 	arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);

  265. 

  266. 	/* execute CP15 instruction and ARM load (reading from coprocessor) */

  267. 	arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_LDR(0, 1));

  268. 

  269. 	/* disable interpreted access mode */

  270. 	cp15c15 &= ~1U;	/* clear interpret mode */

  271. 	arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);

  272. 

  273. 	/* retrieve value from R0 */

  274. 	regs_p[0] = value;

  275. 	arm9tdmi_read_core_regs(target, 0x1, regs_p);

  276. 	jtag_execute_queue();

  277. 

  278. #ifdef _DEBUG_INSTRUCTION_EXECUTION_

  279. 	LOG_DEBUG("cp15_opcode: %8.8x, address: %8.8x, value: %8.8x",

  280. 		cp15_opcode, address, *value);

  281. #endif

  282. 

  283. 	if (!is_arm_mode(arm->core_mode)) {

  284. 		LOG_ERROR("not a valid arm core mode - communication failure?");

  285. 		return ERROR_FAIL;

  286. 	}

  287. 

  288. 	r[0].dirty = 1;

  289. 	r[1].dirty = 1;

  290. 

  291. 	return ERROR_OK;

  292. }

  293. 

  294. static

  295. int arm920t_write_cp15_interpreted(struct target *target,

  296. 	uint32_t cp15_opcode, uint32_t value, uint32_t address)

  297. {

  298. 	uint32_t cp15c15 = 0x0;

  299. 	struct arm *arm = target_to_arm(target);

  300. 	uint32_t regs[2];

  301. 	struct reg *r = arm->core_cache->reg_list;

  302. 

  303. 	/* load value, address into R0, R1 */

  304. 	regs[0] = value;

  305. 	regs[1] = address;

  306. 	arm9tdmi_write_core_regs(target, 0x3, regs);

  307. 

  308. 	/* read-modify-write CP15 test state register

  309. 	* to enable interpreted access mode */

  310. 	arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);

  311. 	jtag_execute_queue();

  312. 	cp15c15 |= 1;	/* set interpret mode */

  313. 	arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);

  314. 

  315. 	/* execute CP15 instruction and ARM store (writing to coprocessor) */

  316. 	arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_STR(0, 1));

  317. 

  318. 	/* disable interpreted access mode */

  319. 	cp15c15 &= ~1U;	/* set interpret mode */

  320. 	arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);

  321. 

  322. #ifdef _DEBUG_INSTRUCTION_EXECUTION_

  323. 	LOG_DEBUG("cp15_opcode: %8.8x, value: %8.8x, address: %8.8x",

  324. 		cp15_opcode, value, address);

  325. #endif

  326. 

  327. 	if (!is_arm_mode(arm->core_mode)) {

  328. 		LOG_ERROR("not a valid arm core mode - communication failure?");

  329. 		return ERROR_FAIL;

  330. 	}

  331. 

  332. 	r[0].dirty = 1;

  333. 	r[1].dirty = 1;

  334. 

  335. 	return ERROR_OK;

  336. }

  337. 

  338. /* EXPORTED to FA256 */

  339. int arm920t_get_ttb(struct target *target, uint32_t *result)

  340. {

  341. 	int retval;

  342. 	uint32_t ttb = 0x0;

  343. 

  344. 	retval = arm920t_read_cp15_interpreted(target,

  345. 			/* FIXME use opcode macro */

  346. 			0xeebf0f51, 0x0, &ttb);

  347. 	if (retval != ERROR_OK)

  348. 		return retval;

  349. 

  350. 	*result = ttb;

  351. 	return ERROR_OK;

  352. }

  353. 

  354. /* EXPORTED to FA256 */

  355. int arm920t_disable_mmu_caches(struct target *target, int mmu,

  356. 	int d_u_cache, int i_cache)

  357. {

  358. 	uint32_t cp15_control;

  359. 	int retval;

  360. 

  361. 	/* read cp15 control register */

  362. 	retval = arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_control);

  363. 	if (retval != ERROR_OK)

  364. 		return retval;

  365. 	retval = jtag_execute_queue();

  366. 	if (retval != ERROR_OK)

  367. 		return retval;

  368. 

  369. 	if (mmu)

  370. 		cp15_control &= ~0x1U;

  371. 

  372. 	if (d_u_cache)

  373. 		cp15_control &= ~0x4U;

  374. 

  375. 	if (i_cache)

  376. 		cp15_control &= ~0x1000U;

  377. 

  378. 	retval = arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_control);

  379. 	return retval;

  380. }

  381. 

  382. /* EXPORTED to FA256 */

  383. int arm920t_enable_mmu_caches(struct target *target, int mmu,

  384. 	int d_u_cache, int i_cache)

  385. {

  386. 	uint32_t cp15_control;

  387. 	int retval;

  388. 

  389. 	/* read cp15 control register */

  390. 	retval = arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_control);

  391. 	if (retval != ERROR_OK)

  392. 		return retval;

  393. 	retval = jtag_execute_queue();

  394. 	if (retval != ERROR_OK)

  395. 		return retval;

  396. 

  397. 	if (mmu)

  398. 		cp15_control |= 0x1U;

  399. 

  400. 	if (d_u_cache)

  401. 		cp15_control |= 0x4U;

  402. 

  403. 	if (i_cache)

  404. 		cp15_control |= 0x1000U;

  405. 

  406. 	retval = arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_control);

  407. 	return retval;

  408. }

  409. 

  410. /* EXPORTED to FA256 */

  411. int arm920t_post_debug_entry(struct target *target)

  412. {

  413. 	uint32_t cp15c15;

  414. 	struct arm920t_common *arm920t = target_to_arm920(target);

  415. 	int retval;

  416. 

  417. 	/* examine cp15 control reg */

  418. 	retval = arm920t_read_cp15_physical(target,

  419. 			CP15PHYS_CTRL, &arm920t->cp15_control_reg);

  420. 	if (retval != ERROR_OK)

  421. 		return retval;

  422. 	retval = jtag_execute_queue();

  423. 	if (retval != ERROR_OK)

  424. 		return retval;

  425. 	LOG_DEBUG("cp15_control_reg: %8.8" PRIx32, arm920t->cp15_control_reg);

  426. 

  427. 	if (arm920t->armv4_5_mmu.armv4_5_cache.ctype == -1) {

  428. 		uint32_t cache_type_reg;

  429. 		/* identify caches */

  430. 		retval = arm920t_read_cp15_physical(target,

  431. 				CP15PHYS_CACHETYPE, &cache_type_reg);

  432. 		if (retval != ERROR_OK)

  433. 			return retval;

  434. 		retval = jtag_execute_queue();

  435. 		if (retval != ERROR_OK)

  436. 			return retval;

  437. 		armv4_5_identify_cache(cache_type_reg,

  438. 			&arm920t->armv4_5_mmu.armv4_5_cache);

  439. 	}

  440. 

  441. 	arm920t->armv4_5_mmu.mmu_enabled =

  442. 		(arm920t->cp15_control_reg & 0x1U) ? 1 : 0;

  443. 	arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled =

  444. 		(arm920t->cp15_control_reg & 0x4U) ? 1 : 0;

  445. 	arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled =

  446. 		(arm920t->cp15_control_reg & 0x1000U) ? 1 : 0;

  447. 

  448. 	/* save i/d fault status and address register

  449. 	 * FIXME use opcode macros */

  450. 	retval = arm920t_read_cp15_interpreted(target, 0xee150f10, 0x0, &arm920t->d_fsr);

  451. 	if (retval != ERROR_OK)

  452. 		return retval;

  453. 	retval = arm920t_read_cp15_interpreted(target, 0xee150f30, 0x0, &arm920t->i_fsr);

  454. 	if (retval != ERROR_OK)

  455. 		return retval;

  456. 	retval = arm920t_read_cp15_interpreted(target, 0xee160f10, 0x0, &arm920t->d_far);

  457. 	if (retval != ERROR_OK)

  458. 		return retval;

  459. 	retval = arm920t_read_cp15_interpreted(target, 0xee160f30, 0x0, &arm920t->i_far);

  460. 	if (retval != ERROR_OK)

  461. 		return retval;

  462. 

  463. 	LOG_DEBUG("D FSR: 0x%8.8" PRIx32 ", D FAR: 0x%8.8" PRIx32

  464. 		", I FSR: 0x%8.8" PRIx32 ", I FAR: 0x%8.8" PRIx32,

  465. 		arm920t->d_fsr, arm920t->d_far, arm920t->i_fsr, arm920t->i_far);

  466. 

  467. 	if (arm920t->preserve_cache) {

  468. 		/* read-modify-write CP15 test state register

  469. 		 * to disable I/D-cache linefills */

  470. 		retval = arm920t_read_cp15_physical(target,

  471. 				CP15PHYS_TESTSTATE, &cp15c15);

  472. 		if (retval != ERROR_OK)

  473. 			return retval;

  474. 		retval = jtag_execute_queue();

  475. 		if (retval != ERROR_OK)

  476. 			return retval;

  477. 		cp15c15 |= 0x600;

  478. 		retval = arm920t_write_cp15_physical(target,

  479. 				CP15PHYS_TESTSTATE, cp15c15);

  480. 		if (retval != ERROR_OK)

  481. 			return retval;

  482. 	}

  483. 	return ERROR_OK;

  484. }

  485. 

  486. /* EXPORTED to FA256 */

  487. void arm920t_pre_restore_context(struct target *target)

  488. {

  489. 	uint32_t cp15c15;

  490. 	struct arm920t_common *arm920t = target_to_arm920(target);

  491. 

  492. 	/* restore i/d fault status and address register */

  493. 	arm920t_write_cp15_interpreted(target, 0xee050f10, arm920t->d_fsr, 0x0);

  494. 	arm920t_write_cp15_interpreted(target, 0xee050f30, arm920t->i_fsr, 0x0);

  495. 	arm920t_write_cp15_interpreted(target, 0xee060f10, arm920t->d_far, 0x0);

  496. 	arm920t_write_cp15_interpreted(target, 0xee060f30, arm920t->i_far, 0x0);

  497. 

  498. 	/* read-modify-write CP15 test state register

  499. 	* to reenable I/D-cache linefills */

  500. 	if (arm920t->preserve_cache) {

  501. 		arm920t_read_cp15_physical(target,

  502. 			CP15PHYS_TESTSTATE, &cp15c15);

  503. 		jtag_execute_queue();

  504. 		cp15c15 &= ~0x600U;

  505. 		arm920t_write_cp15_physical(target,

  506. 			CP15PHYS_TESTSTATE, cp15c15);

  507. 	}

  508. }

  509. 

  510. static const char arm920_not[] = "target is not an ARM920";

  511. 

  512. static int arm920t_verify_pointer(struct command_context *cmd_ctx,

  513. 	struct arm920t_common *arm920t)

  514. {

  515. 	if (arm920t->common_magic != ARM920T_COMMON_MAGIC) {

  516. 		command_print(cmd_ctx, arm920_not);

  517. 		return ERROR_TARGET_INVALID;

  518. 	}

  519. 

  520. 	return ERROR_OK;

  521. }

  522. 

  523. /** Logs summary of ARM920 state for a halted target. */

  524. int arm920t_arch_state(struct target *target)

  525. {

  526. 	static const char *state[] = {

  527. 		"disabled", "enabled"

  528. 	};

  529. 

  530. 	struct arm920t_common *arm920t = target_to_arm920(target);

  531. 

  532. 	if (arm920t->common_magic != ARM920T_COMMON_MAGIC) {

  533. 		LOG_ERROR("BUG: %s", arm920_not);

  534. 		return ERROR_TARGET_INVALID;

  535. 	}

  536. 

  537. 	arm_arch_state(target);

  538. 	LOG_USER("MMU: %s, D-Cache: %s, I-Cache: %s",

  539. 		state[arm920t->armv4_5_mmu.mmu_enabled],

  540. 		state[arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled],

  541. 		state[arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled]);

  542. 

  543. 	return ERROR_OK;

  544. }

  545. 

  546. static int arm920_mmu(struct target *target, int *enabled)

  547. {

  548. 	if (target->state != TARGET_HALTED) {

  549. 		LOG_ERROR("%s: target not halted", __func__);

  550. 		return ERROR_TARGET_INVALID;

  551. 	}

  552. 

  553. 	*enabled = target_to_arm920(target)->armv4_5_mmu.mmu_enabled;

  554. 	return ERROR_OK;

  555. }

  556. 

  557. static int arm920_virt2phys(struct target *target,

  558. 	uint32_t virt, uint32_t *phys)

  559. {

  560. 	uint32_t cb;

  561. 	struct arm920t_common *arm920t = target_to_arm920(target);

  562. 

  563. 	uint32_t ret;

  564. 	int retval = armv4_5_mmu_translate_va(target,

  565. 			&arm920t->armv4_5_mmu, virt, &cb, &ret);

  566. 	if (retval != ERROR_OK)

  567. 		return retval;

  568. 	*phys = ret;

  569. 	return ERROR_OK;

  570. }

  571. 

  572. /** Reads a buffer, in the specified word size, with current MMU settings. */

  573. int arm920t_read_memory(struct target *target, uint32_t address,

  574. 	uint32_t size, uint32_t count, uint8_t *buffer)

  575. {

  576. 	int retval;

  577. 

  578. 	retval = arm7_9_read_memory(target, address, size, count, buffer);

  579. 

  580. 	return retval;

  581. }

  582. 

  583. 

  584. static int arm920t_read_phys_memory(struct target *target,

  585. 	uint32_t address, uint32_t size,

  586. 	uint32_t count, uint8_t *buffer)

  587. {

  588. 	struct arm920t_common *arm920t = target_to_arm920(target);

  589. 

  590. 	return armv4_5_mmu_read_physical(target, &arm920t->armv4_5_mmu,

  591. 		address, size, count, buffer);

  592. }

  593. 

  594. static int arm920t_write_phys_memory(struct target *target,

  595. 	uint32_t address, uint32_t size,

  596. 	uint32_t count, const uint8_t *buffer)

  597. {

  598. 	struct arm920t_common *arm920t = target_to_arm920(target);

  599. 

  600. 	return armv4_5_mmu_write_physical(target, &arm920t->armv4_5_mmu,

  601. 		address, size, count, buffer);

  602. }

  603. 

  604. /** Writes a buffer, in the specified word size, with current MMU settings. */

  605. int arm920t_write_memory(struct target *target, uint32_t address,

  606. 	uint32_t size, uint32_t count, const uint8_t *buffer)

  607. {

  608. 	int retval;

  609. 	const uint32_t cache_mask = ~0x1f;	/* cache line size : 32 byte */

  610. 	struct arm920t_common *arm920t = target_to_arm920(target);

  611. 

  612. 	/* FIX!!!! this should be cleaned up and made much more general. The

  613. 	 * plan is to write up and test on arm920t specifically and

  614. 	 * then generalize and clean up afterwards.

  615. 	 *

  616. 	 * Also it should be moved to the callbacks that handle breakpoints

  617. 	 * specifically and not the generic memory write fn's. See XScale code.

  618. 	 */

  619. 	if (arm920t->armv4_5_mmu.mmu_enabled && (count == 1) &&

  620. 			((size == 2) || (size == 4))) {

  621. 		/* special case the handling of single word writes to

  622. 		 * bypass MMU, to allow implementation of breakpoints

  623. 		 * in memory marked read only

  624. 		 * by MMU

  625. 		 */

  626. 		uint32_t cb;

  627. 		uint32_t pa;

  628. 

  629. 		/*

  630. 		 * We need physical address and cb

  631. 		 */

  632. 		retval = armv4_5_mmu_translate_va(target, &arm920t->armv4_5_mmu,

  633. 				address, &cb, &pa);

  634. 		if (retval != ERROR_OK)

  635. 			return retval;

  636. 

  637. 		if (arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled) {

  638. 			if (cb & 0x1) {

  639. 				LOG_DEBUG("D-Cache buffered, "

  640. 					"drain write buffer");

  641. 				/*

  642. 				 * Buffered ?

  643. 				 * Drain write buffer - MCR p15,0,Rd,c7,c10,4

  644. 				 */

  645. 

  646. 				retval = arm920t_write_cp15_interpreted(target,

  647. 						ARMV4_5_MCR(15, 0, 0, 7, 10, 4),

  648. 						0x0, 0);

  649. 				if (retval != ERROR_OK)

  650. 					return retval;

  651. 			}

  652. 

  653. 			if (cb == 0x3) {

  654. 				/*

  655. 				 * Write back memory ? -> clean cache

  656. 				 *

  657. 				 * There is no way to clean cache lines using

  658. 				 * cp15 scan chain, so copy the full cache

  659. 				 * line from cache to physical memory.

  660. 				 */

  661. 				uint8_t data[32];

  662. 

  663. 				LOG_DEBUG("D-Cache in 'write back' mode, "

  664. 					"flush cache line");

  665. 

  666. 				retval = target_read_memory(target,

  667. 						address & cache_mask, 1,

  668. 						sizeof(data), &data[0]);

  669. 				if (retval != ERROR_OK)

  670. 					return retval;

  671. 

  672. 				retval = armv4_5_mmu_write_physical(target,

  673. 						&arm920t->armv4_5_mmu,

  674. 						pa & cache_mask, 1,

  675. 						sizeof(data), &data[0]);

  676. 				if (retval != ERROR_OK)

  677. 					return retval;

  678. 			}

  679. 

  680. 			/* Cached ? */

  681. 			if (cb & 0x2) {

  682. 				/*

  683. 				 * Cached ? -> Invalidate data cache using MVA

  684. 				 *

  685. 				 * MCR p15,0,Rd,c7,c6,1

  686. 				 */

  687. 				LOG_DEBUG("D-Cache enabled, "

  688. 					"invalidate cache line");

  689. 

  690. 				retval = arm920t_write_cp15_interpreted(target,

  691. 						ARMV4_5_MCR(15, 0, 0, 7, 6, 1), 0x0,

  692. 						address & cache_mask);

  693. 				if (retval != ERROR_OK)

  694. 					return retval;

  695. 			}

  696. 		}

  697. 

  698. 		/* write directly to physical memory,

  699. 		 * bypassing any read only MMU bits, etc.

  700. 		 */

  701. 		retval = armv4_5_mmu_write_physical(target,

  702. 				&arm920t->armv4_5_mmu, pa, size,

  703. 				count, buffer);

  704. 		if (retval != ERROR_OK)

  705. 			return retval;

  706. 	} else {

  707. 		retval = arm7_9_write_memory(target, address, size, count, buffer);

  708. 		if (retval != ERROR_OK)

  709. 			return retval;

  710. 	}

  711. 

  712. 	/* If ICache is enabled, we have to invalidate affected ICache lines

  713. 	 * the DCache is forced to write-through,

  714. 	 * so we don't have to clean it here

  715. 	 */

  716. 	if (arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled) {

  717. 		if (count <= 1) {

  718. 			/* invalidate ICache single entry with MVA

  719. 			 *   mcr	15, 0, r0, cr7, cr5, {1}

  720. 			 */

  721. 			LOG_DEBUG("I-Cache enabled, "

  722. 				"invalidating affected I-Cache line");

  723. 			retval = arm920t_write_cp15_interpreted(target,

  724. 					ARMV4_5_MCR(15, 0, 0, 7, 5, 1),

  725. 					0x0, address & cache_mask);

  726. 			if (retval != ERROR_OK)

  727. 				return retval;

  728. 		} else {

  729. 			/* invalidate ICache

  730. 			 *  mcr	15, 0, r0, cr7, cr5, {0}

  731. 			 */

  732. 			retval = arm920t_write_cp15_interpreted(target,

  733. 					ARMV4_5_MCR(15, 0, 0, 7, 5, 0),

  734. 					0x0, 0x0);

  735. 			if (retval != ERROR_OK)

  736. 				return retval;

  737. 		}

  738. 	}

  739. 

  740. 	return ERROR_OK;

  741. }

  742. 

  743. /* EXPORTED to FA256 */

  744. int arm920t_soft_reset_halt(struct target *target)

  745. {

  746. 	int retval = ERROR_OK;

  747. 	struct arm920t_common *arm920t = target_to_arm920(target);

  748. 	struct arm7_9_common *arm7_9 = target_to_arm7_9(target);

  749. 	struct arm *arm = &arm7_9->arm;

  750. 	struct reg *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];

  751. 

  752. 	retval = target_halt(target);

  753. 	if (retval != ERROR_OK)

  754. 		return retval;

  755. 

  756. 	long long then = timeval_ms();

  757. 	int timeout;

  758. 	while (!(timeout = ((timeval_ms()-then) > 1000))) {

  759. 		if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1) == 0) {

  760. 			embeddedice_read_reg(dbg_stat);

  761. 			retval = jtag_execute_queue();

  762. 			if (retval != ERROR_OK)

  763. 				return retval;

  764. 		} else

  765. 			break;

  766. 		if (debug_level >= 3) {

  767. 			/* do not eat all CPU, time out after 1 se*/

  768. 			alive_sleep(100);

  769. 		} else

  770. 			keep_alive();

  771. 	}

  772. 	if (timeout) {

  773. 		LOG_ERROR("Failed to halt CPU after 1 sec");

  774. 		return ERROR_TARGET_TIMEOUT;

  775. 	}

  776. 

  777. 	target->state = TARGET_HALTED;

  778. 

  779. 	/* SVC, ARM state, IRQ and FIQ disabled */

  780. 	uint32_t cpsr;

  781. 

  782. 	cpsr = buf_get_u32(arm->cpsr->value, 0, 32);

  783. 	cpsr &= ~0xff;

  784. 	cpsr |= 0xd3;

  785. 	arm_set_cpsr(arm, cpsr);

  786. 	arm->cpsr->dirty = 1;

  787. 

  788. 	/* start fetching from 0x0 */

  789. 	buf_set_u32(arm->pc->value, 0, 32, 0x0);

  790. 	arm->pc->dirty = 1;

  791. 	arm->pc->valid = 1;

  792. 

  793. 	arm920t_disable_mmu_caches(target, 1, 1, 1);

  794. 	arm920t->armv4_5_mmu.mmu_enabled = 0;

  795. 	arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 0;

  796. 	arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 0;

  797. 

  798. 	return target_call_event_callbacks(target, TARGET_EVENT_HALTED);

  799. }

  800. 

  801. /* FIXME remove forward decls */

  802. static int arm920t_mrc(struct target *target, int cpnum,

  803. 		uint32_t op1, uint32_t op2,

  804. 		uint32_t CRn, uint32_t CRm,

  805. 		uint32_t *value);

  806. static int arm920t_mcr(struct target *target, int cpnum,

  807. 		uint32_t op1, uint32_t op2,

  808. 		uint32_t CRn, uint32_t CRm,

  809. 		uint32_t value);

  810. 

  811. static int arm920t_init_arch_info(struct target *target,

  812. 	struct arm920t_common *arm920t, struct jtag_tap *tap)

  813. {

  814. 	struct arm7_9_common *arm7_9 = &arm920t->arm7_9_common;

  815. 

  816. 	arm7_9->arm.mrc = arm920t_mrc;

  817. 	arm7_9->arm.mcr = arm920t_mcr;

  818. 

  819. 	/* initialize arm7/arm9 specific info (including armv4_5) */

  820. 	arm9tdmi_init_arch_info(target, arm7_9, tap);

  821. 

  822. 	arm920t->common_magic = ARM920T_COMMON_MAGIC;

  823. 

  824. 	arm7_9->post_debug_entry = arm920t_post_debug_entry;

  825. 	arm7_9->pre_restore_context = arm920t_pre_restore_context;

  826. 

  827. 	arm920t->armv4_5_mmu.armv4_5_cache.ctype = -1;

  828. 	arm920t->armv4_5_mmu.get_ttb = arm920t_get_ttb;

  829. 	arm920t->armv4_5_mmu.read_memory = arm7_9_read_memory;

  830. 	arm920t->armv4_5_mmu.write_memory = arm7_9_write_memory;

  831. 	arm920t->armv4_5_mmu.disable_mmu_caches = arm920t_disable_mmu_caches;

  832. 	arm920t->armv4_5_mmu.enable_mmu_caches = arm920t_enable_mmu_caches;

  833. 	arm920t->armv4_5_mmu.has_tiny_pages = 1;

  834. 	arm920t->armv4_5_mmu.mmu_enabled = 0;

  835. 

  836. 	/* disabling linefills leads to lockups, so keep them enabled for now

  837. 	 * this doesn't affect correctness, but might affect timing issues, if

  838. 	 * important data is evicted from the cache during the debug session

  839. 	 * */

  840. 	arm920t->preserve_cache = 0;

  841. 

  842. 	/* override hw single-step capability from ARM9TDMI */

  843. 	arm7_9->has_single_step = 1;

  844. 

  845. 	return ERROR_OK;

  846. }

  847. 

  848. static int arm920t_target_create(struct target *target, Jim_Interp *interp)

  849. {

  850. 	struct arm920t_common *arm920t;

  851. 

  852. 	arm920t = calloc(1, sizeof(struct arm920t_common));

  853. 	return arm920t_init_arch_info(target, arm920t, target->tap);

  854. }

  855. 

  856. COMMAND_HANDLER(arm920t_handle_read_cache_command)

  857. {

  858. 	int retval = ERROR_OK;

  859. 	struct target *target = get_current_target(CMD_CTX);

  860. 	struct arm920t_common *arm920t = target_to_arm920(target);

  861. 	struct arm7_9_common *arm7_9 = target_to_arm7_9(target);

  862. 	struct arm *arm = &arm7_9->arm;

  863. 	uint32_t cp15c15;

  864. 	uint32_t cp15_ctrl, cp15_ctrl_saved;

  865. 	uint32_t regs[16];

  866. 	uint32_t *regs_p[16];

  867. 	uint32_t C15_C_D_Ind, C15_C_I_Ind;

  868. 	int i;

  869. 	FILE *output;

  870. 	int segment, index_t;

  871. 	struct reg *r;

  872. 

  873. 	retval = arm920t_verify_pointer(CMD_CTX, arm920t);

  874. 	if (retval != ERROR_OK)

  875. 		return retval;

  876. 

  877. 	if (CMD_ARGC != 1)

  878. 		return ERROR_COMMAND_SYNTAX_ERROR;

  879. 

  880. 	output = fopen(CMD_ARGV[0], "w");

  881. 	if (output == NULL) {

  882. 		LOG_DEBUG("error opening cache content file");

  883. 		return ERROR_OK;

  884. 	}

  885. 

  886. 	for (i = 0; i < 16; i++)

  887. 		regs_p[i] = &regs[i];

  888. 

  889. 	/* disable MMU and Caches */

  890. 	arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_ctrl);

  891. 	retval = jtag_execute_queue();

  892. 	if (retval != ERROR_OK)

  893. 		return retval;

  894. 	cp15_ctrl_saved = cp15_ctrl;

  895. 	cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED

  896. 			| ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);

  897. 	arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl);

  898. 

  899. 	/* read CP15 test state register */

  900. 	arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);

  901. 	jtag_execute_queue();

  902. 

  903. 	/* read DCache content */

  904. 	fprintf(output, "DCache:\n");

  905. 

  906. 	/* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */

  907. 	for (segment = 0;

  908. 			segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets;

  909. 			segment++) {

  910. 		fprintf(output, "\nsegment: %i\n----------", segment);

  911. 

  912. 		/* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */

  913. 		regs[0] = 0x0 | (segment << 5);

  914. 		arm9tdmi_write_core_regs(target, 0x1, regs);

  915. 

  916. 		/* set interpret mode */

  917. 		cp15c15 |= 0x1;

  918. 		arm920t_write_cp15_physical(target,

  919. 			CP15PHYS_TESTSTATE, cp15c15);

  920. 

  921. 		/* D CAM Read, loads current victim into C15.C.D.Ind */

  922. 		arm920t_execute_cp15(target,

  923. 			ARMV4_5_MCR(15, 2, 0, 15, 6, 2), ARMV4_5_LDR(1, 0));

  924. 

  925. 		/* read current victim */

  926. 		arm920t_read_cp15_physical(target,

  927. 			CP15PHYS_DCACHE_IDX, &C15_C_D_Ind);

  928. 

  929. 		/* clear interpret mode */

  930. 		cp15c15 &= ~0x1;

  931. 		arm920t_write_cp15_physical(target,

  932. 			CP15PHYS_TESTSTATE, cp15c15);

  933. 

  934. 		for (index_t = 0; index_t < 64; index_t++) {

  935. 			/* Ra:

  936. 			 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)

  937. 			 */

  938. 			regs[0] = 0x0 | (segment << 5) | (index_t << 26);

  939. 			arm9tdmi_write_core_regs(target, 0x1, regs);

  940. 

  941. 			/* set interpret mode */

  942. 			cp15c15 |= 0x1;

  943. 			arm920t_write_cp15_physical(target,

  944. 				CP15PHYS_TESTSTATE, cp15c15);

  945. 

  946. 			/* Write DCache victim */

  947. 			arm920t_execute_cp15(target,

  948. 				ARMV4_5_MCR(15, 0, 0, 9, 1, 0), ARMV4_5_LDR(1, 0));

  949. 

  950. 			/* Read D RAM */

  951. 			arm920t_execute_cp15(target,

  952. 				ARMV4_5_MCR(15, 2, 0, 15, 10, 2),

  953. 				ARMV4_5_LDMIA(0, 0x1fe, 0, 0));

  954. 

  955. 			/* Read D CAM */

  956. 			arm920t_execute_cp15(target,

  957. 				ARMV4_5_MCR(15, 2, 0, 15, 6, 2),

  958. 				ARMV4_5_LDR(9, 0));

  959. 

  960. 			/* clear interpret mode */

  961. 			cp15c15 &= ~0x1;

  962. 			arm920t_write_cp15_physical(target,

  963. 				CP15PHYS_TESTSTATE, cp15c15);

  964. 

  965. 			/* read D RAM and CAM content */

  966. 			arm9tdmi_read_core_regs(target, 0x3fe, regs_p);

  967. 			retval = jtag_execute_queue();

  968. 			if (retval != ERROR_OK)

  969. 				return retval;

  970. 

  971. 			/* mask LFSR[6] */

  972. 			regs[9] &= 0xfffffffe;

  973. 			fprintf(output, "\nsegment: %i, index: %i, CAM: 0x%8.8"

  974. 				PRIx32 ", content (%s):\n",

  975. 				segment, index_t, regs[9],

  976. 				(regs[9] & 0x10) ? "valid" : "invalid");

  977. 

  978. 			for (i = 1; i < 9; i++) {

  979. 				fprintf(output, "%i: 0x%8.8" PRIx32 "\n",

  980. 					i-1, regs[i]);

  981. 			}

  982. 

  983. 		}

  984. 

  985. 		/* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */

  986. 		regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);

  987. 		arm9tdmi_write_core_regs(target, 0x1, regs);

  988. 

  989. 		/* set interpret mode */

  990. 		cp15c15 |= 0x1;

  991. 		arm920t_write_cp15_physical(target,

  992. 			CP15PHYS_TESTSTATE, cp15c15);

  993. 

  994. 		/* Write DCache victim */

  995. 		arm920t_execute_cp15(target,

  996. 			ARMV4_5_MCR(15, 0, 0, 9, 1, 0), ARMV4_5_LDR(1, 0));

  997. 

  998. 		/* clear interpret mode */

  999. 		cp15c15 &= ~0x1;

  1000. 		arm920t_write_cp15_physical(target,

  1001. 			CP15PHYS_TESTSTATE, cp15c15);

  1002. 	}

  1003. 

  1004. 	/* read ICache content */

  1005. 	fprintf(output, "ICache:\n");

  1006. 

  1007. 	/* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */

  1008. 	for (segment = 0;

  1009. 			segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets;

  1010. 			segment++) {

  1011. 		fprintf(output, "segment: %i\n----------", segment);

  1012. 

  1013. 		/* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */

  1014. 		regs[0] = 0x0 | (segment << 5);

  1015. 		arm9tdmi_write_core_regs(target, 0x1, regs);

  1016. 

  1017. 		/* set interpret mode */

  1018. 		cp15c15 |= 0x1;

  1019. 		arm920t_write_cp15_physical(target,

  1020. 			CP15PHYS_TESTSTATE, cp15c15);

  1021. 

  1022. 		/* I CAM Read, loads current victim into C15.C.I.Ind */

  1023. 		arm920t_execute_cp15(target,

  1024. 			ARMV4_5_MCR(15, 2, 0, 15, 5, 2), ARMV4_5_LDR(1, 0));

  1025. 

  1026. 		/* read current victim */

  1027. 		arm920t_read_cp15_physical(target, CP15PHYS_ICACHE_IDX,

  1028. 			&C15_C_I_Ind);

  1029. 

  1030. 		/* clear interpret mode */

  1031. 		cp15c15 &= ~0x1;

  1032. 		arm920t_write_cp15_physical(target,

  1033. 			CP15PHYS_TESTSTATE, cp15c15);

  1034. 

  1035. 		for (index_t = 0; index_t < 64; index_t++) {

  1036. 			/* Ra:

  1037. 			 * r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0)

  1038. 			 */

  1039. 			regs[0] = 0x0 | (segment << 5) | (index_t << 26);

  1040. 			arm9tdmi_write_core_regs(target, 0x1, regs);

  1041. 

  1042. 			/* set interpret mode */

  1043. 			cp15c15 |= 0x1;

  1044. 			arm920t_write_cp15_physical(target,

  1045. 				CP15PHYS_TESTSTATE, cp15c15);

  1046. 

  1047. 			/* Write ICache victim */

  1048. 			arm920t_execute_cp15(target,

  1049. 				ARMV4_5_MCR(15, 0, 0, 9, 1, 1), ARMV4_5_LDR(1, 0));

  1050. 

  1051. 			/* Read I RAM */

  1052. 			arm920t_execute_cp15(target,

  1053. 				ARMV4_5_MCR(15, 2, 0, 15, 9, 2),

  1054. 				ARMV4_5_LDMIA(0, 0x1fe, 0, 0));

  1055. 

  1056. 			/* Read I CAM */

  1057. 			arm920t_execute_cp15(target,

  1058. 				ARMV4_5_MCR(15, 2, 0, 15, 5, 2),

  1059. 				ARMV4_5_LDR(9, 0));

  1060. 

  1061. 			/* clear interpret mode */

  1062. 			cp15c15 &= ~0x1;

  1063. 			arm920t_write_cp15_physical(target,

  1064. 				CP15PHYS_TESTSTATE, cp15c15);

  1065. 

  1066. 			/* read I RAM and CAM content */

  1067. 			arm9tdmi_read_core_regs(target, 0x3fe, regs_p);

  1068. 			retval = jtag_execute_queue();

  1069. 			if (retval != ERROR_OK)

  1070. 				return retval;

  1071. 

  1072. 			/* mask LFSR[6] */

  1073. 			regs[9] &= 0xfffffffe;

  1074. 			fprintf(output, "\nsegment: %i, index: %i, "

  1075. 				"CAM: 0x%8.8" PRIx32 ", content (%s):\n",

  1076. 				segment, index_t, regs[9],

  1077. 				(regs[9] & 0x10) ? "valid" : "invalid");

  1078. 

  1079. 			for (i = 1; i < 9; i++) {

  1080. 				fprintf(output, "%i: 0x%8.8" PRIx32 "\n",

  1081. 					i-1, regs[i]);

  1082. 			}

  1083. 		}

  1084. 

  1085. 		/* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */

  1086. 		regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);

  1087. 		arm9tdmi_write_core_regs(target, 0x1, regs);

  1088. 

  1089. 		/* set interpret mode */

  1090. 		cp15c15 |= 0x1;

  1091. 		arm920t_write_cp15_physical(target,

  1092. 			CP15PHYS_TESTSTATE, cp15c15);

  1093. 

  1094. 		/* Write ICache victim */

  1095. 		arm920t_execute_cp15(target,

  1096. 			ARMV4_5_MCR(15, 0, 0, 9, 1, 1), ARMV4_5_LDR(1, 0));

  1097. 

  1098. 		/* clear interpret mode */

  1099. 		cp15c15 &= ~0x1;

  1100. 		arm920t_write_cp15_physical(target,

  1101. 			CP15PHYS_TESTSTATE, cp15c15);

  1102. 	}

  1103. 

  1104. 	/* restore CP15 MMU and Cache settings */

  1105. 	arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl_saved);

  1106. 

  1107. 	command_print(CMD_CTX, "cache content successfully output to %s",

  1108. 		CMD_ARGV[0]);

  1109. 

  1110. 	fclose(output);

  1111. 

  1112. 	if (!is_arm_mode(arm->core_mode)) {

  1113. 		LOG_ERROR("not a valid arm core mode - communication failure?");

  1114. 		return ERROR_FAIL;

  1115. 	}

  1116. 

  1117. 	/* force writeback of the valid data */

  1118. 	r = arm->core_cache->reg_list;

  1119. 	r[0].dirty = r[0].valid;

  1120. 	r[1].dirty = r[1].valid;

  1121. 	r[2].dirty = r[2].valid;

  1122. 	r[3].dirty = r[3].valid;

  1123. 	r[4].dirty = r[4].valid;

  1124. 	r[5].dirty = r[5].valid;

  1125. 	r[6].dirty = r[6].valid;

  1126. 	r[7].dirty = r[7].valid;

  1127. 

  1128. 	r = arm_reg_current(arm, 8);

  1129. 	r->dirty = r->valid;

  1130. 

  1131. 	r = arm_reg_current(arm, 9);

  1132. 	r->dirty = r->valid;

  1133. 

  1134. 	return ERROR_OK;

  1135. }

  1136. 

  1137. COMMAND_HANDLER(arm920t_handle_read_mmu_command)

  1138. {

  1139. 	int retval = ERROR_OK;

  1140. 	struct target *target = get_current_target(CMD_CTX);

  1141. 	struct arm920t_common *arm920t = target_to_arm920(target);

  1142. 	struct arm7_9_common *arm7_9 = target_to_arm7_9(target);

  1143. 	struct arm *arm = &arm7_9->arm;

  1144. 	uint32_t cp15c15;

  1145. 	uint32_t cp15_ctrl, cp15_ctrl_saved;

  1146. 	uint32_t regs[16];

  1147. 	uint32_t *regs_p[16];

  1148. 	int i;

  1149. 	FILE *output;

  1150. 	uint32_t Dlockdown, Ilockdown;

  1151. 	struct arm920t_tlb_entry d_tlb[64], i_tlb[64];

  1152. 	int victim;

  1153. 	struct reg *r;

  1154. 

  1155. 	retval = arm920t_verify_pointer(CMD_CTX, arm920t);

  1156. 	if (retval != ERROR_OK)

  1157. 		return retval;

  1158. 

  1159. 	if (CMD_ARGC != 1)

  1160. 		return ERROR_COMMAND_SYNTAX_ERROR;

  1161. 

  1162. 	output = fopen(CMD_ARGV[0], "w");

  1163. 	if (output == NULL) {

  1164. 		LOG_DEBUG("error opening mmu content file");

  1165. 		return ERROR_OK;

  1166. 	}

  1167. 

  1168. 	for (i = 0; i < 16; i++)

  1169. 		regs_p[i] = &regs[i];

  1170. 

  1171. 	/* disable MMU and Caches */

  1172. 	arm920t_read_cp15_physical(target, CP15PHYS_CTRL, &cp15_ctrl);

  1173. 	retval = jtag_execute_queue();

  1174. 	if (retval != ERROR_OK)

  1175. 		return retval;

  1176. 	cp15_ctrl_saved = cp15_ctrl;

  1177. 	cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED

  1178. 			| ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);

  1179. 	arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl);

  1180. 

  1181. 	/* read CP15 test state register */

  1182. 	arm920t_read_cp15_physical(target, CP15PHYS_TESTSTATE, &cp15c15);

  1183. 	retval = jtag_execute_queue();

  1184. 	if (retval != ERROR_OK)

  1185. 		return retval;

  1186. 

  1187. 	/* prepare reading D TLB content

  1188. 	 * */

  1189. 

  1190. 	/* set interpret mode */

  1191. 	cp15c15 |= 0x1;

  1192. 	arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);

  1193. 

  1194. 	/* Read D TLB lockdown */

  1195. 	arm920t_execute_cp15(target,

  1196. 		ARMV4_5_MRC(15, 0, 0, 10, 0, 0), ARMV4_5_LDR(1, 0));

  1197. 

  1198. 	/* clear interpret mode */

  1199. 	cp15c15 &= ~0x1;

  1200. 	arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);

  1201. 

  1202. 	/* read D TLB lockdown stored to r1 */

  1203. 	arm9tdmi_read_core_regs(target, 0x2, regs_p);

  1204. 	retval = jtag_execute_queue();

  1205. 	if (retval != ERROR_OK)

  1206. 		return retval;

  1207. 	Dlockdown = regs[1];

  1208. 

  1209. 	for (victim = 0; victim < 64; victim += 8) {

  1210. 		/* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]

  1211. 		 * base remains unchanged, victim goes through entries 0 to 63

  1212. 		 */

  1213. 		regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);

  1214. 		arm9tdmi_write_core_regs(target, 0x2, regs);

  1215. 

  1216. 		/* set interpret mode */

  1217. 		cp15c15 |= 0x1;

  1218. 		arm920t_write_cp15_physical(target,

  1219. 			CP15PHYS_TESTSTATE, cp15c15);

  1220. 

  1221. 		/* Write D TLB lockdown */

  1222. 		arm920t_execute_cp15(target,

  1223. 			ARMV4_5_MCR(15, 0, 0, 10, 0, 0),

  1224. 			ARMV4_5_STR(1, 0));

  1225. 

  1226. 		/* Read D TLB CAM */

  1227. 		arm920t_execute_cp15(target,

  1228. 			ARMV4_5_MCR(15, 4, 0, 15, 6, 4),

  1229. 			ARMV4_5_LDMIA(0, 0x3fc, 0, 0));

  1230. 

  1231. 		/* clear interpret mode */

  1232. 		cp15c15 &= ~0x1;

  1233. 		arm920t_write_cp15_physical(target,

  1234. 			CP15PHYS_TESTSTATE, cp15c15);

  1235. 

  1236. 		/* read D TLB CAM content stored to r2-r9 */

  1237. 		arm9tdmi_read_core_regs(target, 0x3fc, regs_p);

  1238. 		retval = jtag_execute_queue();

  1239. 		if (retval != ERROR_OK)

  1240. 			return retval;

  1241. 

  1242. 		for (i = 0; i < 8; i++)

  1243. 			d_tlb[victim + i].cam = regs[i + 2];

  1244. 	}

  1245. 

  1246. 	for (victim = 0; victim < 64; victim++) {

  1247. 		/* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]

  1248. 		 * base remains unchanged, victim goes through entries 0 to 63

  1249. 		 */

  1250. 		regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);

  1251. 		arm9tdmi_write_core_regs(target, 0x2, regs);

  1252. 

  1253. 		/* set interpret mode */

  1254. 		cp15c15 |= 0x1;

  1255. 		arm920t_write_cp15_physical(target,

  1256. 			CP15PHYS_TESTSTATE, cp15c15);

  1257. 

  1258. 		/* Write D TLB lockdown */

  1259. 		arm920t_execute_cp15(target,

  1260. 			ARMV4_5_MCR(15, 0, 0, 10, 0, 0), ARMV4_5_STR(1, 0));

  1261. 

  1262. 		/* Read D TLB RAM1 */

  1263. 		arm920t_execute_cp15(target,

  1264. 			ARMV4_5_MCR(15, 4, 0, 15, 10, 4), ARMV4_5_LDR(2, 0));

  1265. 

  1266. 		/* Read D TLB RAM2 */

  1267. 		arm920t_execute_cp15(target,

  1268. 			ARMV4_5_MCR(15, 4, 0, 15, 2, 5), ARMV4_5_LDR(3, 0));

  1269. 

  1270. 		/* clear interpret mode */

  1271. 		cp15c15 &= ~0x1;

  1272. 		arm920t_write_cp15_physical(target,

  1273. 			CP15PHYS_TESTSTATE, cp15c15);

  1274. 

  1275. 		/* read D TLB RAM content stored to r2 and r3 */

  1276. 		arm9tdmi_read_core_regs(target, 0xc, regs_p);

  1277. 		retval = jtag_execute_queue();

  1278. 		if (retval != ERROR_OK)

  1279. 			return retval;

  1280. 

  1281. 		d_tlb[victim].ram1 = regs[2];

  1282. 		d_tlb[victim].ram2 = regs[3];

  1283. 	}

  1284. 

  1285. 	/* restore D TLB lockdown */

  1286. 	regs[1] = Dlockdown;

  1287. 	arm9tdmi_write_core_regs(target, 0x2, regs);

  1288. 

  1289. 	/* Write D TLB lockdown */

  1290. 	arm920t_execute_cp15(target,

  1291. 		ARMV4_5_MCR(15, 0, 0, 10, 0, 0), ARMV4_5_STR(1, 0));

  1292. 

  1293. 	/* prepare reading I TLB content

  1294. 	 * */

  1295. 

  1296. 	/* set interpret mode */

  1297. 	cp15c15 |= 0x1;

  1298. 	arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);

  1299. 

  1300. 	/* Read I TLB lockdown */

  1301. 	arm920t_execute_cp15(target,

  1302. 		ARMV4_5_MRC(15, 0, 0, 10, 0, 1), ARMV4_5_LDR(1, 0));

  1303. 

  1304. 	/* clear interpret mode */

  1305. 	cp15c15 &= ~0x1;

  1306. 	arm920t_write_cp15_physical(target, CP15PHYS_TESTSTATE, cp15c15);

  1307. 

  1308. 	/* read I TLB lockdown stored to r1 */

  1309. 	arm9tdmi_read_core_regs(target, 0x2, regs_p);

  1310. 	retval = jtag_execute_queue();

  1311. 	if (retval != ERROR_OK)

  1312. 		return retval;

  1313. 	Ilockdown = regs[1];

  1314. 

  1315. 	for (victim = 0; victim < 64; victim += 8) {

  1316. 		/* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]

  1317. 		 * base remains unchanged, victim goes through entries 0 to 63

  1318. 		 */

  1319. 		regs[1] = (Ilockdown & 0xfc000000) | (victim << 20);

  1320. 		arm9tdmi_write_core_regs(target, 0x2, regs);

  1321. 

  1322. 		/* set interpret mode */

  1323. 		cp15c15 |= 0x1;

  1324. 		arm920t_write_cp15_physical(target,

  1325. 			CP15PHYS_TESTSTATE, cp15c15);

  1326. 

  1327. 		/* Write I TLB lockdown */

  1328. 		arm920t_execute_cp15(target,

  1329. 			ARMV4_5_MCR(15, 0, 0, 10, 0, 1),

  1330. 			ARMV4_5_STR(1, 0));

  1331. 

  1332. 		/* Read I TLB CAM */

  1333. 		arm920t_execute_cp15(target,

  1334. 			ARMV4_5_MCR(15, 4, 0, 15, 5, 4),

  1335. 			ARMV4_5_LDMIA(0, 0x3fc, 0, 0));

  1336. 

  1337. 		/* clear interpret mode */

  1338. 		cp15c15 &= ~0x1;

  1339. 		arm920t_write_cp15_physical(target,

  1340. 			CP15PHYS_TESTSTATE, cp15c15);

  1341. 

  1342. 		/* read I TLB CAM content stored to r2-r9 */

  1343. 		arm9tdmi_read_core_regs(target, 0x3fc, regs_p);

  1344. 		retval = jtag_execute_queue();

  1345. 		if (retval != ERROR_OK)

  1346. 			return retval;

  1347. 

  1348. 		for (i = 0; i < 8; i++)

  1349. 			i_tlb[i + victim].cam = regs[i + 2];

  1350. 	}

  1351. 

  1352. 	for (victim = 0; victim < 64; victim++) {

  1353. 		/* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]

  1354. 		 * base remains unchanged, victim goes through entries 0 to 63

  1355. 		 */

  1356. 		regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);

  1357. 		arm9tdmi_write_core_regs(target, 0x2, regs);

  1358. 

  1359. 		/* set interpret mode */

  1360. 		cp15c15 |= 0x1;

  1361. 		arm920t_write_cp15_physical(target,

  1362. 			CP15PHYS_TESTSTATE, cp15c15);

  1363. 

  1364. 		/* Write I TLB lockdown */

  1365. 		arm920t_execute_cp15(target,

  1366. 			ARMV4_5_MCR(15, 0, 0, 10, 0, 1), ARMV4_5_STR(1, 0));

  1367. 

  1368. 		/* Read I TLB RAM1 */

  1369. 		arm920t_execute_cp15(target,

  1370. 			ARMV4_5_MCR(15, 4, 0, 15, 9, 4), ARMV4_5_LDR(2, 0));

  1371. 

  1372. 		/* Read I TLB RAM2 */

  1373. 		arm920t_execute_cp15(target,

  1374. 			ARMV4_5_MCR(15, 4, 0, 15, 1, 5), ARMV4_5_LDR(3, 0));

  1375. 

  1376. 		/* clear interpret mode */

  1377. 		cp15c15 &= ~0x1;

  1378. 		arm920t_write_cp15_physical(target,

  1379. 			CP15PHYS_TESTSTATE, cp15c15);

  1380. 

  1381. 		/* read I TLB RAM content stored to r2 and r3 */

  1382. 		arm9tdmi_read_core_regs(target, 0xc, regs_p);

  1383. 		retval = jtag_execute_queue();

  1384. 		if (retval != ERROR_OK)

  1385. 			return retval;

  1386. 

  1387. 		i_tlb[victim].ram1 = regs[2];

  1388. 		i_tlb[victim].ram2 = regs[3];

  1389. 	}

  1390. 

  1391. 	/* restore I TLB lockdown */

  1392. 	regs[1] = Ilockdown;

  1393. 	arm9tdmi_write_core_regs(target, 0x2, regs);

  1394. 

  1395. 	/* Write I TLB lockdown */

  1396. 	arm920t_execute_cp15(target,

  1397. 		ARMV4_5_MCR(15, 0, 0, 10, 0, 1), ARMV4_5_STR(1, 0));

  1398. 

  1399. 	/* restore CP15 MMU and Cache settings */

  1400. 	arm920t_write_cp15_physical(target, CP15PHYS_CTRL, cp15_ctrl_saved);

  1401. 

  1402. 	/* output data to file */

  1403. 	fprintf(output, "D TLB content:\n");

  1404. 	for (i = 0; i < 64; i++) {

  1405. 		fprintf(output, "%i: 0x%8.8" PRIx32 " 0x%8.8" PRIx32

  1406. 			" 0x%8.8" PRIx32 " %s\n",

  1407. 			i, d_tlb[i].cam, d_tlb[i].ram1, d_tlb[i].ram2,

  1408. 			(d_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");

  1409. 	}

  1410. 

  1411. 	fprintf(output, "\n\nI TLB content:\n");

  1412. 	for (i = 0; i < 64; i++) {

  1413. 		fprintf(output, "%i: 0x%8.8" PRIx32 " 0x%8.8" PRIx32

  1414. 			" 0x%8.8" PRIx32 " %s\n",

  1415. 			i, i_tlb[i].cam, i_tlb[i].ram1, i_tlb[i].ram2,

  1416. 			(i_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");

  1417. 	}

  1418. 

  1419. 	command_print(CMD_CTX, "mmu content successfully output to %s",

  1420. 		CMD_ARGV[0]);

  1421. 

  1422. 	fclose(output);

  1423. 

  1424. 	if (!is_arm_mode(arm->core_mode)) {

  1425. 		LOG_ERROR("not a valid arm core mode - communication failure?");

  1426. 		return ERROR_FAIL;

  1427. 	}

  1428. 

  1429. 	/* force writeback of the valid data */

  1430. 	r = arm->core_cache->reg_list;

  1431. 	r[0].dirty = r[0].valid;

  1432. 	r[1].dirty = r[1].valid;

  1433. 	r[2].dirty = r[2].valid;

  1434. 	r[3].dirty = r[3].valid;

  1435. 	r[4].dirty = r[4].valid;

  1436. 	r[5].dirty = r[5].valid;

  1437. 	r[6].dirty = r[6].valid;

  1438. 	r[7].dirty = r[7].valid;

  1439. 

  1440. 	r = arm_reg_current(arm, 8);

  1441. 	r->dirty = r->valid;

  1442. 

  1443. 	r = arm_reg_current(arm, 9);

  1444. 	r->dirty = r->valid;

  1445. 

  1446. 	return ERROR_OK;

  1447. }

  1448. 

  1449. COMMAND_HANDLER(arm920t_handle_cp15_command)

  1450. {

  1451. 	int retval;

  1452. 	struct target *target = get_current_target(CMD_CTX);

  1453. 	struct arm920t_common *arm920t = target_to_arm920(target);

  1454. 

  1455. 	retval = arm920t_verify_pointer(CMD_CTX, arm920t);

  1456. 	if (retval != ERROR_OK)

  1457. 		return retval;

  1458. 

  1459. 	if (target->state != TARGET_HALTED) {

  1460. 		command_print(CMD_CTX, "target must be stopped for "

  1461. 			"\"%s\" command", CMD_NAME);

  1462. 		return ERROR_OK;

  1463. 	}

  1464. 

  1465. 	/* one argument, read a register.

  1466. 	 * two arguments, write it.

  1467. 	 */

  1468. 	if (CMD_ARGC >= 1) {

  1469. 		int address;

  1470. 		COMMAND_PARSE_NUMBER(int, CMD_ARGV[0], address);

  1471. 

  1472. 		if (CMD_ARGC == 1) {

  1473. 			uint32_t value;

  1474. 			retval = arm920t_read_cp15_physical(target, address, &value);

  1475. 			if (retval != ERROR_OK) {

  1476. 				command_print(CMD_CTX,

  1477. 					"couldn't access reg %i", address);

  1478. 				return ERROR_OK;

  1479. 			}

  1480. 			retval = jtag_execute_queue();

  1481. 			if (retval != ERROR_OK)

  1482. 				return retval;

  1483. 

  1484. 			command_print(CMD_CTX, "%i: %8.8" PRIx32,

  1485. 				address, value);

  1486. 		} else if (CMD_ARGC == 2)   {

  1487. 			uint32_t value;

  1488. 			COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);

  1489. 			retval = arm920t_write_cp15_physical(target,

  1490. 					address, value);

  1491. 			if (retval != ERROR_OK) {

  1492. 				command_print(CMD_CTX,

  1493. 					"couldn't access reg %i", address);

  1494. 				/* REVISIT why lie? "return retval"? */

  1495. 				return ERROR_OK;

  1496. 			}

  1497. 			command_print(CMD_CTX, "%i: %8.8" PRIx32,

  1498. 				address, value);

  1499. 		}

  1500. 	}

  1501. 

  1502. 	return ERROR_OK;

  1503. }

  1504. 

  1505. COMMAND_HANDLER(arm920t_handle_cp15i_command)

  1506. {

  1507. 	int retval;

  1508. 	struct target *target = get_current_target(CMD_CTX);

  1509. 	struct arm920t_common *arm920t = target_to_arm920(target);

  1510. 

  1511. 	retval = arm920t_verify_pointer(CMD_CTX, arm920t);

  1512. 	if (retval != ERROR_OK)

  1513. 		return retval;

  1514. 

  1515. 

  1516. 	if (target->state != TARGET_HALTED) {

  1517. 		command_print(CMD_CTX, "target must be stopped for "

  1518. 			"\"%s\" command", CMD_NAME);

  1519. 		return ERROR_OK;

  1520. 	}

  1521. 

  1522. 	/* one argument, read a register.

  1523. 	 * two arguments, write it.

  1524. 	 */

  1525. 	if (CMD_ARGC >= 1) {

  1526. 		uint32_t opcode;

  1527. 		COMMAND_PARSE_NUMBER(u32, CMD_ARGV[0], opcode);

  1528. 

  1529. 		if (CMD_ARGC == 1) {

  1530. 			uint32_t value;

  1531. 			retval = arm920t_read_cp15_interpreted(target,

  1532. 					opcode, 0x0, &value);

  1533. 			if (retval != ERROR_OK) {

  1534. 				command_print(CMD_CTX,

  1535. 					"couldn't execute %8.8" PRIx32,

  1536. 					opcode);

  1537. 				/* REVISIT why lie? "return retval"? */

  1538. 				return ERROR_OK;

  1539. 			}

  1540. 

  1541. 			command_print(CMD_CTX, "%8.8" PRIx32 ": %8.8" PRIx32,

  1542. 				opcode, value);

  1543. 		} else if (CMD_ARGC == 2) {

  1544. 			uint32_t value;

  1545. 			COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);

  1546. 			retval = arm920t_write_cp15_interpreted(target,

  1547. 					opcode, value, 0);

  1548. 			if (retval != ERROR_OK) {

  1549. 				command_print(CMD_CTX,

  1550. 					"couldn't execute %8.8" PRIx32,

  1551. 					opcode);

  1552. 				/* REVISIT why lie? "return retval"? */

  1553. 				return ERROR_OK;

  1554. 			}

  1555. 			command_print(CMD_CTX, "%8.8" PRIx32 ": %8.8" PRIx32,

  1556. 				opcode, value);

  1557. 		} else if (CMD_ARGC == 3) {

  1558. 			uint32_t value;

  1559. 			COMMAND_PARSE_NUMBER(u32, CMD_ARGV[1], value);

  1560. 			uint32_t address;

  1561. 			COMMAND_PARSE_NUMBER(u32, CMD_ARGV[2], address);

  1562. 			retval = arm920t_write_cp15_interpreted(target,

  1563. 					opcode, value, address);

  1564. 			if (retval != ERROR_OK) {

  1565. 				command_print(CMD_CTX,

  1566. 					"couldn't execute %8.8" PRIx32, opcode);

  1567. 				/* REVISIT why lie? "return retval"? */

  1568. 				return ERROR_OK;

  1569. 			}

  1570. 			command_print(CMD_CTX, "%8.8" PRIx32 ": %8.8" PRIx32

  1571. 				" %8.8" PRIx32, opcode, value, address);

  1572. 		}

  1573. 	} else

  1574. 		return ERROR_COMMAND_SYNTAX_ERROR;

  1575. 

  1576. 	return ERROR_OK;

  1577. }

  1578. 

  1579. COMMAND_HANDLER(arm920t_handle_cache_info_command)

  1580. {

  1581. 	int retval;

  1582. 	struct target *target = get_current_target(CMD_CTX);

  1583. 	struct arm920t_common *arm920t = target_to_arm920(target);

  1584. 

  1585. 	retval = arm920t_verify_pointer(CMD_CTX, arm920t);

  1586. 	if (retval != ERROR_OK)

  1587. 		return retval;

  1588. 

  1589. 	return armv4_5_handle_cache_info_command(CMD_CTX,

  1590. 		&arm920t->armv4_5_mmu.armv4_5_cache);

  1591. }

  1592. 

  1593. 

  1594. static int arm920t_mrc(struct target *target, int cpnum,

  1595. 	uint32_t op1, uint32_t op2,

  1596. 	uint32_t CRn, uint32_t CRm,

  1597. 	uint32_t *value)

  1598. {

  1599. 	if (cpnum != 15) {

  1600. 		LOG_ERROR("Only cp15 is supported");

  1601. 		return ERROR_FAIL;

  1602. 	}

  1603. 

  1604. 	/* read "to" r0 */

  1605. 	return arm920t_read_cp15_interpreted(target,

  1606. 		ARMV4_5_MRC(cpnum, op1, 0, CRn, CRm, op2),

  1607. 		0, value);

  1608. }

  1609. 

  1610. static int arm920t_mcr(struct target *target, int cpnum,

  1611. 	uint32_t op1, uint32_t op2,

  1612. 	uint32_t CRn, uint32_t CRm,

  1613. 	uint32_t value)

  1614. {

  1615. 	if (cpnum != 15) {

  1616. 		LOG_ERROR("Only cp15 is supported");

  1617. 		return ERROR_FAIL;

  1618. 	}

  1619. 

  1620. 	/* write "from" r0 */

  1621. 	return arm920t_write_cp15_interpreted(target,

  1622. 		ARMV4_5_MCR(cpnum, op1, 0, CRn, CRm, op2),

  1623. 		0, value);

  1624. }

  1625. 

  1626. static const struct command_registration arm920t_exec_command_handlers[] = {

  1627. 	{

  1628. 		.name = "cp15",

  1629. 		.handler = arm920t_handle_cp15_command,

  1630. 		.mode = COMMAND_EXEC,

  1631. 		.help = "display/modify cp15 register",

  1632. 		.usage = "regnum [value]",

  1633. 	},

  1634. 	{

  1635. 		.name = "cp15i",

  1636. 		.handler = arm920t_handle_cp15i_command,

  1637. 		.mode = COMMAND_EXEC,

  1638. 		/* prefer using less error-prone "arm mcr" or "arm mrc" */

  1639. 		.help = "display/modify cp15 register using ARM opcode"

  1640. 			" (DEPRECATED)",

  1641. 		.usage = "instruction [value [address]]",

  1642. 	},

  1643. 	{

  1644. 		.name = "cache_info",

  1645. 		.handler = arm920t_handle_cache_info_command,

  1646. 		.mode = COMMAND_EXEC,

  1647. 		.usage = "",

  1648. 		.help = "display information about target caches",

  1649. 	},

  1650. 	{

  1651. 		.name = "read_cache",

  1652. 		.handler = arm920t_handle_read_cache_command,

  1653. 		.mode = COMMAND_EXEC,

  1654. 		.help = "dump I/D cache content to file",

  1655. 		.usage = "filename",

  1656. 	},

  1657. 	{

  1658. 		.name = "read_mmu",

  1659. 		.handler = arm920t_handle_read_mmu_command,

  1660. 		.mode = COMMAND_EXEC,

  1661. 		.help = "dump I/D mmu content to file",

  1662. 		.usage = "filename",

  1663. 	},

  1664. 	COMMAND_REGISTRATION_DONE

  1665. };

  1666. const struct command_registration arm920t_command_handlers[] = {

  1667. 	{

  1668. 		.chain = arm9tdmi_command_handlers,

  1669. 	},

  1670. 	{

  1671. 		.name = "arm920t",

  1672. 		.mode = COMMAND_ANY,

  1673. 		.help = "arm920t command group",

  1674. 		.usage = "",

  1675. 		.chain = arm920t_exec_command_handlers,

  1676. 	},

  1677. 	COMMAND_REGISTRATION_DONE

  1678. };

  1679. 

  1680. /** Holds methods for ARM920 targets. */

  1681. struct target_type arm920t_target = {

  1682. 	.name = "arm920t",

  1683. 

  1684. 	.poll = arm7_9_poll,

  1685. 	.arch_state = arm920t_arch_state,

  1686. 

  1687. 	.target_request_data = arm7_9_target_request_data,

  1688. 

  1689. 	.halt = arm7_9_halt,

  1690. 	.resume = arm7_9_resume,

  1691. 	.step = arm7_9_step,

  1692. 

  1693. 	.assert_reset = arm7_9_assert_reset,

  1694. 	.deassert_reset = arm7_9_deassert_reset,

  1695. 	.soft_reset_halt = arm920t_soft_reset_halt,

  1696. 

  1697. 	.get_gdb_reg_list = arm_get_gdb_reg_list,

  1698. 

  1699. 	.read_memory = arm920t_read_memory,

  1700. 	.write_memory = arm920t_write_memory,

  1701. 	.read_phys_memory = arm920t_read_phys_memory,

  1702. 	.write_phys_memory = arm920t_write_phys_memory,

  1703. 	.mmu = arm920_mmu,

  1704. 	.virt2phys = arm920_virt2phys,

  1705. 

  1706. 	.bulk_write_memory = arm7_9_bulk_write_memory,

  1707. 

  1708. 	.checksum_memory = arm_checksum_memory,

  1709. 	.blank_check_memory = arm_blank_check_memory,

  1710. 

  1711. 	.run_algorithm = armv4_5_run_algorithm,

  1712. 

  1713. 	.add_breakpoint = arm7_9_add_breakpoint,

  1714. 	.remove_breakpoint = arm7_9_remove_breakpoint,

  1715. 	.add_watchpoint = arm7_9_add_watchpoint,

  1716. 	.remove_watchpoint = arm7_9_remove_watchpoint,

  1717. 

  1718. 	.commands = arm920t_command_handlers,

  1719. 	.target_create = arm920t_target_create,

  1720. 	.init_target = arm9tdmi_init_target,

  1721. 	.examine = arm7_9_examine,

  1722. 	.check_reset = arm7_9_check_reset,

  1723. };