You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

1488 lines
46 KiB

  1. /***************************************************************************
  2. * Copyright (C) 2005 by Dominic Rath *
  3. * Dominic.Rath@gmx.de *
  4. * *
  5. * This program is free software; you can redistribute it and/or modify *
  6. * it under the terms of the GNU General Public License as published by *
  7. * the Free Software Foundation; either version 2 of the License, or *
  8. * (at your option) any later version. *
  9. * *
  10. * This program is distributed in the hope that it will be useful, *
  11. * but WITHOUT ANY WARRANTY; without even the implied warranty of *
  12. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
  13. * GNU General Public License for more details. *
  14. * *
  15. * You should have received a copy of the GNU General Public License *
  16. * along with this program; if not, write to the *
  17. * Free Software Foundation, Inc., *
  18. * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
  19. ***************************************************************************/
  20. #ifdef HAVE_CONFIG_H
  21. #include "config.h"
  22. #endif
  23. #include "arm920t.h"
  24. #include "time_support.h"
  25. #include "target_type.h"
  26. #if 0
  27. #define _DEBUG_INSTRUCTION_EXECUTION_
  28. #endif
  29. /* cli handling */
  30. int arm920t_register_commands(struct command_context_s *cmd_ctx);
  31. int arm920t_handle_cp15_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
  32. int arm920t_handle_cp15i_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
  33. int arm920t_handle_virt2phys_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
  34. int arm920t_handle_cache_info_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
  35. int arm920t_handle_md_phys_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
  36. int arm920t_handle_mw_phys_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
  37. int arm920t_handle_read_cache_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
  38. int arm920t_handle_read_mmu_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc);
  39. /* forward declarations */
  40. int arm920t_target_create(struct target_s *target, Jim_Interp *interp);
  41. int arm920t_init_target(struct command_context_s *cmd_ctx, struct target_s *target);
  42. int arm920t_quit(void);
  43. int arm920t_arch_state(struct target_s *target);
  44. int arm920t_read_memory(struct target_s *target, u32 address, u32 size, u32 count, u8 *buffer);
  45. int arm920t_write_memory(struct target_s *target, u32 address, u32 size, u32 count, u8 *buffer);
  46. int arm920t_soft_reset_halt(struct target_s *target);
  47. #define ARM920T_CP15_PHYS_ADDR(x, y, z) ((x << 5) | (y << 1) << (z))
  48. target_type_t arm920t_target =
  49. {
  50. .name = "arm920t",
  51. .poll = arm7_9_poll,
  52. .arch_state = arm920t_arch_state,
  53. .target_request_data = arm7_9_target_request_data,
  54. .halt = arm7_9_halt,
  55. .resume = arm7_9_resume,
  56. .step = arm7_9_step,
  57. .assert_reset = arm7_9_assert_reset,
  58. .deassert_reset = arm7_9_deassert_reset,
  59. .soft_reset_halt = arm920t_soft_reset_halt,
  60. .get_gdb_reg_list = armv4_5_get_gdb_reg_list,
  61. .read_memory = arm920t_read_memory,
  62. .write_memory = arm920t_write_memory,
  63. .bulk_write_memory = arm7_9_bulk_write_memory,
  64. .checksum_memory = arm7_9_checksum_memory,
  65. .blank_check_memory = arm7_9_blank_check_memory,
  66. .run_algorithm = armv4_5_run_algorithm,
  67. .add_breakpoint = arm7_9_add_breakpoint,
  68. .remove_breakpoint = arm7_9_remove_breakpoint,
  69. .add_watchpoint = arm7_9_add_watchpoint,
  70. .remove_watchpoint = arm7_9_remove_watchpoint,
  71. .register_commands = arm920t_register_commands,
  72. .target_create = arm920t_target_create,
  73. .init_target = arm920t_init_target,
  74. .examine = arm9tdmi_examine,
  75. .quit = arm920t_quit
  76. };
  77. int arm920t_read_cp15_physical(target_t *target, int reg_addr, u32 *value)
  78. {
  79. armv4_5_common_t *armv4_5 = target->arch_info;
  80. arm7_9_common_t *arm7_9 = armv4_5->arch_info;
  81. arm_jtag_t *jtag_info = &arm7_9->jtag_info;
  82. scan_field_t fields[4];
  83. u8 access_type_buf = 1;
  84. u8 reg_addr_buf = reg_addr & 0x3f;
  85. u8 nr_w_buf = 0;
  86. jtag_set_end_state(TAP_IDLE);
  87. arm_jtag_scann(jtag_info, 0xf);
  88. arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
  89. fields[0].tap = jtag_info->tap;
  90. fields[0].num_bits = 1;
  91. fields[0].out_value = &access_type_buf;
  92. fields[0].in_value = NULL;
  93. fields[1].tap = jtag_info->tap;
  94. fields[1].num_bits = 32;
  95. fields[1].out_value = NULL;
  96. fields[1].in_value = NULL;
  97. fields[2].tap = jtag_info->tap;
  98. fields[2].num_bits = 6;
  99. fields[2].out_value = &reg_addr_buf;
  100. fields[2].in_value = NULL;
  101. fields[3].tap = jtag_info->tap;
  102. fields[3].num_bits = 1;
  103. fields[3].out_value = &nr_w_buf;
  104. fields[3].in_value = NULL;
  105. jtag_add_dr_scan(4, fields, jtag_get_end_state());
  106. fields[1].in_value = (u8 *)value;
  107. jtag_add_dr_scan(4, fields, jtag_get_end_state());
  108. jtag_add_callback(arm_le_to_h_u32, (u8 *)value);
  109. #ifdef _DEBUG_INSTRUCTION_EXECUTION_
  110. jtag_execute_queue();
  111. LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, *value);
  112. #endif
  113. return ERROR_OK;
  114. }
  115. int arm920t_write_cp15_physical(target_t *target, int reg_addr, u32 value)
  116. {
  117. armv4_5_common_t *armv4_5 = target->arch_info;
  118. arm7_9_common_t *arm7_9 = armv4_5->arch_info;
  119. arm_jtag_t *jtag_info = &arm7_9->jtag_info;
  120. scan_field_t fields[4];
  121. u8 access_type_buf = 1;
  122. u8 reg_addr_buf = reg_addr & 0x3f;
  123. u8 nr_w_buf = 1;
  124. u8 value_buf[4];
  125. buf_set_u32(value_buf, 0, 32, value);
  126. jtag_set_end_state(TAP_IDLE);
  127. arm_jtag_scann(jtag_info, 0xf);
  128. arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
  129. fields[0].tap = jtag_info->tap;
  130. fields[0].num_bits = 1;
  131. fields[0].out_value = &access_type_buf;
  132. fields[0].in_value = NULL;
  133. fields[1].tap = jtag_info->tap;
  134. fields[1].num_bits = 32;
  135. fields[1].out_value = value_buf;
  136. fields[1].in_value = NULL;
  137. fields[2].tap = jtag_info->tap;
  138. fields[2].num_bits = 6;
  139. fields[2].out_value = &reg_addr_buf;
  140. fields[2].in_value = NULL;
  141. fields[3].tap = jtag_info->tap;
  142. fields[3].num_bits = 1;
  143. fields[3].out_value = &nr_w_buf;
  144. fields[3].in_value = NULL;
  145. jtag_add_dr_scan(4, fields, jtag_get_end_state());
  146. #ifdef _DEBUG_INSTRUCTION_EXECUTION_
  147. LOG_DEBUG("addr: 0x%x value: %8.8x", reg_addr, value);
  148. #endif
  149. return ERROR_OK;
  150. }
  151. int arm920t_execute_cp15(target_t *target, u32 cp15_opcode, u32 arm_opcode)
  152. {
  153. int retval;
  154. armv4_5_common_t *armv4_5 = target->arch_info;
  155. arm7_9_common_t *arm7_9 = armv4_5->arch_info;
  156. arm_jtag_t *jtag_info = &arm7_9->jtag_info;
  157. scan_field_t fields[4];
  158. u8 access_type_buf = 0; /* interpreted access */
  159. u8 reg_addr_buf = 0x0;
  160. u8 nr_w_buf = 0;
  161. u8 cp15_opcode_buf[4];
  162. jtag_set_end_state(TAP_IDLE);
  163. arm_jtag_scann(jtag_info, 0xf);
  164. arm_jtag_set_instr(jtag_info, jtag_info->intest_instr, NULL);
  165. buf_set_u32(cp15_opcode_buf, 0, 32, cp15_opcode);
  166. fields[0].tap = jtag_info->tap;
  167. fields[0].num_bits = 1;
  168. fields[0].out_value = &access_type_buf;
  169. fields[0].in_value = NULL;
  170. fields[1].tap = jtag_info->tap;
  171. fields[1].num_bits = 32;
  172. fields[1].out_value = cp15_opcode_buf;
  173. fields[1].in_value = NULL;
  174. fields[2].tap = jtag_info->tap;
  175. fields[2].num_bits = 6;
  176. fields[2].out_value = &reg_addr_buf;
  177. fields[2].in_value = NULL;
  178. fields[3].tap = jtag_info->tap;
  179. fields[3].num_bits = 1;
  180. fields[3].out_value = &nr_w_buf;
  181. fields[3].in_value = NULL;
  182. jtag_add_dr_scan(4, fields, jtag_get_end_state());
  183. arm9tdmi_clock_out(jtag_info, arm_opcode, 0, NULL, 0);
  184. arm9tdmi_clock_out(jtag_info, ARMV4_5_NOP, 0, NULL, 1);
  185. retval = arm7_9_execute_sys_speed(target);
  186. if (retval != ERROR_OK)
  187. return retval;
  188. if ((retval = jtag_execute_queue()) != ERROR_OK)
  189. {
  190. LOG_ERROR("failed executing JTAG queue, exiting");
  191. return retval;
  192. }
  193. return ERROR_OK;
  194. }
  195. int arm920t_read_cp15_interpreted(target_t *target, u32 cp15_opcode, u32 address, u32 *value)
  196. {
  197. armv4_5_common_t *armv4_5 = target->arch_info;
  198. u32* regs_p[1];
  199. u32 regs[2];
  200. u32 cp15c15 = 0x0;
  201. /* load address into R1 */
  202. regs[1] = address;
  203. arm9tdmi_write_core_regs(target, 0x2, regs);
  204. /* read-modify-write CP15 test state register
  205. * to enable interpreted access mode */
  206. arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
  207. jtag_execute_queue();
  208. cp15c15 |= 1; /* set interpret mode */
  209. arm920t_write_cp15_physical(target, 0x1e, cp15c15);
  210. /* execute CP15 instruction and ARM load (reading from coprocessor) */
  211. arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_LDR(0, 1));
  212. /* disable interpreted access mode */
  213. cp15c15 &= ~1U; /* clear interpret mode */
  214. arm920t_write_cp15_physical(target, 0x1e, cp15c15);
  215. /* retrieve value from R0 */
  216. regs_p[0] = value;
  217. arm9tdmi_read_core_regs(target, 0x1, regs_p);
  218. jtag_execute_queue();
  219. #ifdef _DEBUG_INSTRUCTION_EXECUTION_
  220. LOG_DEBUG("cp15_opcode: %8.8x, address: %8.8x, value: %8.8x", cp15_opcode, address, *value);
  221. #endif
  222. if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
  223. return ERROR_FAIL;
  224. ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = 1;
  225. ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = 1;
  226. return ERROR_OK;
  227. }
  228. int arm920t_write_cp15_interpreted(target_t *target, u32 cp15_opcode, u32 value, u32 address)
  229. {
  230. u32 cp15c15 = 0x0;
  231. armv4_5_common_t *armv4_5 = target->arch_info;
  232. u32 regs[2];
  233. /* load value, address into R0, R1 */
  234. regs[0] = value;
  235. regs[1] = address;
  236. arm9tdmi_write_core_regs(target, 0x3, regs);
  237. /* read-modify-write CP15 test state register
  238. * to enable interpreted access mode */
  239. arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
  240. jtag_execute_queue();
  241. cp15c15 |= 1; /* set interpret mode */
  242. arm920t_write_cp15_physical(target, 0x1e, cp15c15);
  243. /* execute CP15 instruction and ARM store (writing to coprocessor) */
  244. arm920t_execute_cp15(target, cp15_opcode, ARMV4_5_STR(0, 1));
  245. /* disable interpreted access mode */
  246. cp15c15 &= ~1U; /* set interpret mode */
  247. arm920t_write_cp15_physical(target, 0x1e, cp15c15);
  248. #ifdef _DEBUG_INSTRUCTION_EXECUTION_
  249. LOG_DEBUG("cp15_opcode: %8.8x, value: %8.8x, address: %8.8x", cp15_opcode, value, address);
  250. #endif
  251. if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
  252. return ERROR_FAIL;
  253. ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = 1;
  254. ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = 1;
  255. return ERROR_OK;
  256. }
  257. u32 arm920t_get_ttb(target_t *target)
  258. {
  259. int retval;
  260. u32 ttb = 0x0;
  261. if ((retval = arm920t_read_cp15_interpreted(target, 0xeebf0f51, 0x0, &ttb)) != ERROR_OK)
  262. return retval;
  263. return ttb;
  264. }
  265. void arm920t_disable_mmu_caches(target_t *target, int mmu, int d_u_cache, int i_cache)
  266. {
  267. u32 cp15_control;
  268. /* read cp15 control register */
  269. arm920t_read_cp15_physical(target, 0x2, &cp15_control);
  270. jtag_execute_queue();
  271. if (mmu)
  272. cp15_control &= ~0x1U;
  273. if (d_u_cache)
  274. cp15_control &= ~0x4U;
  275. if (i_cache)
  276. cp15_control &= ~0x1000U;
  277. arm920t_write_cp15_physical(target, 0x2, cp15_control);
  278. }
  279. void arm920t_enable_mmu_caches(target_t *target, int mmu, int d_u_cache, int i_cache)
  280. {
  281. u32 cp15_control;
  282. /* read cp15 control register */
  283. arm920t_read_cp15_physical(target, 0x2, &cp15_control);
  284. jtag_execute_queue();
  285. if (mmu)
  286. cp15_control |= 0x1U;
  287. if (d_u_cache)
  288. cp15_control |= 0x4U;
  289. if (i_cache)
  290. cp15_control |= 0x1000U;
  291. arm920t_write_cp15_physical(target, 0x2, cp15_control);
  292. }
  293. void arm920t_post_debug_entry(target_t *target)
  294. {
  295. u32 cp15c15;
  296. armv4_5_common_t *armv4_5 = target->arch_info;
  297. arm7_9_common_t *arm7_9 = armv4_5->arch_info;
  298. arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
  299. arm920t_common_t *arm920t = arm9tdmi->arch_info;
  300. /* examine cp15 control reg */
  301. arm920t_read_cp15_physical(target, 0x2, &arm920t->cp15_control_reg);
  302. jtag_execute_queue();
  303. LOG_DEBUG("cp15_control_reg: %8.8x", arm920t->cp15_control_reg);
  304. if (arm920t->armv4_5_mmu.armv4_5_cache.ctype == -1)
  305. {
  306. u32 cache_type_reg;
  307. /* identify caches */
  308. arm920t_read_cp15_physical(target, 0x1, &cache_type_reg);
  309. jtag_execute_queue();
  310. armv4_5_identify_cache(cache_type_reg, &arm920t->armv4_5_mmu.armv4_5_cache);
  311. }
  312. arm920t->armv4_5_mmu.mmu_enabled = (arm920t->cp15_control_reg & 0x1U) ? 1 : 0;
  313. arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = (arm920t->cp15_control_reg & 0x4U) ? 1 : 0;
  314. arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled = (arm920t->cp15_control_reg & 0x1000U) ? 1 : 0;
  315. /* save i/d fault status and address register */
  316. arm920t_read_cp15_interpreted(target, 0xee150f10, 0x0, &arm920t->d_fsr);
  317. arm920t_read_cp15_interpreted(target, 0xee150f30, 0x0, &arm920t->i_fsr);
  318. arm920t_read_cp15_interpreted(target, 0xee160f10, 0x0, &arm920t->d_far);
  319. arm920t_read_cp15_interpreted(target, 0xee160f30, 0x0, &arm920t->i_far);
  320. LOG_DEBUG("D FSR: 0x%8.8x, D FAR: 0x%8.8x, I FSR: 0x%8.8x, I FAR: 0x%8.8x",
  321. arm920t->d_fsr, arm920t->d_far, arm920t->i_fsr, arm920t->i_far);
  322. if (arm920t->preserve_cache)
  323. {
  324. /* read-modify-write CP15 test state register
  325. * to disable I/D-cache linefills */
  326. arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
  327. jtag_execute_queue();
  328. cp15c15 |= 0x600;
  329. arm920t_write_cp15_physical(target, 0x1e, cp15c15);
  330. }
  331. }
  332. void arm920t_pre_restore_context(target_t *target)
  333. {
  334. u32 cp15c15;
  335. armv4_5_common_t *armv4_5 = target->arch_info;
  336. arm7_9_common_t *arm7_9 = armv4_5->arch_info;
  337. arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
  338. arm920t_common_t *arm920t = arm9tdmi->arch_info;
  339. /* restore i/d fault status and address register */
  340. arm920t_write_cp15_interpreted(target, 0xee050f10, arm920t->d_fsr, 0x0);
  341. arm920t_write_cp15_interpreted(target, 0xee050f30, arm920t->i_fsr, 0x0);
  342. arm920t_write_cp15_interpreted(target, 0xee060f10, arm920t->d_far, 0x0);
  343. arm920t_write_cp15_interpreted(target, 0xee060f30, arm920t->i_far, 0x0);
  344. /* read-modify-write CP15 test state register
  345. * to reenable I/D-cache linefills */
  346. if (arm920t->preserve_cache)
  347. {
  348. arm920t_read_cp15_physical(target, 0x1e, &cp15c15);
  349. jtag_execute_queue();
  350. cp15c15 &= ~0x600U;
  351. arm920t_write_cp15_physical(target, 0x1e, cp15c15);
  352. }
  353. }
  354. int arm920t_get_arch_pointers(target_t *target, armv4_5_common_t **armv4_5_p, arm7_9_common_t **arm7_9_p, arm9tdmi_common_t **arm9tdmi_p, arm920t_common_t **arm920t_p)
  355. {
  356. armv4_5_common_t *armv4_5 = target->arch_info;
  357. arm7_9_common_t *arm7_9;
  358. arm9tdmi_common_t *arm9tdmi;
  359. arm920t_common_t *arm920t;
  360. if (armv4_5->common_magic != ARMV4_5_COMMON_MAGIC)
  361. {
  362. return -1;
  363. }
  364. arm7_9 = armv4_5->arch_info;
  365. if (arm7_9->common_magic != ARM7_9_COMMON_MAGIC)
  366. {
  367. return -1;
  368. }
  369. arm9tdmi = arm7_9->arch_info;
  370. if (arm9tdmi->common_magic != ARM9TDMI_COMMON_MAGIC)
  371. {
  372. return -1;
  373. }
  374. arm920t = arm9tdmi->arch_info;
  375. if (arm920t->common_magic != ARM920T_COMMON_MAGIC)
  376. {
  377. return -1;
  378. }
  379. *armv4_5_p = armv4_5;
  380. *arm7_9_p = arm7_9;
  381. *arm9tdmi_p = arm9tdmi;
  382. *arm920t_p = arm920t;
  383. return ERROR_OK;
  384. }
  385. int arm920t_arch_state(struct target_s *target)
  386. {
  387. armv4_5_common_t *armv4_5 = target->arch_info;
  388. arm7_9_common_t *arm7_9 = armv4_5->arch_info;
  389. arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
  390. arm920t_common_t *arm920t = arm9tdmi->arch_info;
  391. char *state[] =
  392. {
  393. "disabled", "enabled"
  394. };
  395. if (armv4_5->common_magic != ARMV4_5_COMMON_MAGIC)
  396. {
  397. LOG_ERROR("BUG: called for a non-ARMv4/5 target");
  398. exit(-1);
  399. }
  400. LOG_USER( "target halted in %s state due to %s, current mode: %s\n"
  401. "cpsr: 0x%8.8x pc: 0x%8.8x\n"
  402. "MMU: %s, D-Cache: %s, I-Cache: %s",
  403. armv4_5_state_strings[armv4_5->core_state],
  404. Jim_Nvp_value2name_simple(nvp_target_debug_reason, target->debug_reason)->name,
  405. armv4_5_mode_strings[armv4_5_mode_to_number(armv4_5->core_mode)],
  406. buf_get_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 32),
  407. buf_get_u32(armv4_5->core_cache->reg_list[15].value, 0, 32),
  408. state[arm920t->armv4_5_mmu.mmu_enabled],
  409. state[arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled],
  410. state[arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled]);
  411. return ERROR_OK;
  412. }
  413. int arm920t_read_memory(struct target_s *target, u32 address, u32 size, u32 count, u8 *buffer)
  414. {
  415. int retval;
  416. retval = arm7_9_read_memory(target, address, size, count, buffer);
  417. return retval;
  418. }
  419. int arm920t_write_memory(struct target_s *target, u32 address, u32 size, u32 count, u8 *buffer)
  420. {
  421. int retval;
  422. armv4_5_common_t *armv4_5 = target->arch_info;
  423. arm7_9_common_t *arm7_9 = armv4_5->arch_info;
  424. arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
  425. arm920t_common_t *arm920t = arm9tdmi->arch_info;
  426. if ((retval = arm7_9_write_memory(target, address, size, count, buffer)) != ERROR_OK)
  427. return retval;
  428. if (((size == 4) || (size == 2)) && (count == 1))
  429. {
  430. if (arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled)
  431. {
  432. LOG_DEBUG("D-Cache enabled, writing through to main memory");
  433. u32 pa, cb, ap;
  434. int type, domain;
  435. pa = armv4_5_mmu_translate_va(target, &arm920t->armv4_5_mmu, address, &type, &cb, &domain, &ap);
  436. if (type == -1)
  437. return ERROR_OK;
  438. /* cacheable & bufferable means write-back region */
  439. if (cb == 3)
  440. armv4_5_mmu_write_physical(target, &arm920t->armv4_5_mmu, pa, size, count, buffer);
  441. }
  442. if (arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled)
  443. {
  444. LOG_DEBUG("I-Cache enabled, invalidating affected I-Cache line");
  445. arm920t_write_cp15_interpreted(target, 0xee070f35, 0x0, address);
  446. }
  447. }
  448. return retval;
  449. }
  450. int arm920t_soft_reset_halt(struct target_s *target)
  451. {
  452. int retval = ERROR_OK;
  453. armv4_5_common_t *armv4_5 = target->arch_info;
  454. arm7_9_common_t *arm7_9 = armv4_5->arch_info;
  455. arm9tdmi_common_t *arm9tdmi = arm7_9->arch_info;
  456. arm920t_common_t *arm920t = arm9tdmi->arch_info;
  457. reg_t *dbg_stat = &arm7_9->eice_cache->reg_list[EICE_DBG_STAT];
  458. if ((retval = target_halt(target)) != ERROR_OK)
  459. {
  460. return retval;
  461. }
  462. long long then=timeval_ms();
  463. int timeout;
  464. while (!(timeout=((timeval_ms()-then)>1000)))
  465. {
  466. if (buf_get_u32(dbg_stat->value, EICE_DBG_STATUS_DBGACK, 1) == 0)
  467. {
  468. embeddedice_read_reg(dbg_stat);
  469. if ((retval = jtag_execute_queue()) != ERROR_OK)
  470. {
  471. return retval;
  472. }
  473. } else
  474. {
  475. break;
  476. }
  477. if (debug_level>=3)
  478. {
  479. /* do not eat all CPU, time out after 1 se*/
  480. alive_sleep(100);
  481. } else
  482. {
  483. keep_alive();
  484. }
  485. }
  486. if (timeout)
  487. {
  488. LOG_ERROR("Failed to halt CPU after 1 sec");
  489. return ERROR_TARGET_TIMEOUT;
  490. }
  491. target->state = TARGET_HALTED;
  492. /* SVC, ARM state, IRQ and FIQ disabled */
  493. buf_set_u32(armv4_5->core_cache->reg_list[ARMV4_5_CPSR].value, 0, 8, 0xd3);
  494. armv4_5->core_cache->reg_list[ARMV4_5_CPSR].dirty = 1;
  495. armv4_5->core_cache->reg_list[ARMV4_5_CPSR].valid = 1;
  496. /* start fetching from 0x0 */
  497. buf_set_u32(armv4_5->core_cache->reg_list[15].value, 0, 32, 0x0);
  498. armv4_5->core_cache->reg_list[15].dirty = 1;
  499. armv4_5->core_cache->reg_list[15].valid = 1;
  500. armv4_5->core_mode = ARMV4_5_MODE_SVC;
  501. armv4_5->core_state = ARMV4_5_STATE_ARM;
  502. arm920t_disable_mmu_caches(target, 1, 1, 1);
  503. arm920t->armv4_5_mmu.mmu_enabled = 0;
  504. arm920t->armv4_5_mmu.armv4_5_cache.d_u_cache_enabled = 0;
  505. arm920t->armv4_5_mmu.armv4_5_cache.i_cache_enabled = 0;
  506. if ((retval = target_call_event_callbacks(target, TARGET_EVENT_HALTED)) != ERROR_OK)
  507. {
  508. return retval;
  509. }
  510. return ERROR_OK;
  511. }
  512. int arm920t_init_target(struct command_context_s *cmd_ctx, struct target_s *target)
  513. {
  514. arm9tdmi_init_target(cmd_ctx, target);
  515. return ERROR_OK;
  516. }
  517. int arm920t_quit(void)
  518. {
  519. return ERROR_OK;
  520. }
  521. int arm920t_init_arch_info(target_t *target, arm920t_common_t *arm920t, jtag_tap_t *tap)
  522. {
  523. arm9tdmi_common_t *arm9tdmi = &arm920t->arm9tdmi_common;
  524. arm7_9_common_t *arm7_9 = &arm9tdmi->arm7_9_common;
  525. /* initialize arm9tdmi specific info (including arm7_9 and armv4_5)
  526. */
  527. arm9tdmi_init_arch_info(target, arm9tdmi, tap);
  528. arm9tdmi->arch_info = arm920t;
  529. arm920t->common_magic = ARM920T_COMMON_MAGIC;
  530. arm7_9->post_debug_entry = arm920t_post_debug_entry;
  531. arm7_9->pre_restore_context = arm920t_pre_restore_context;
  532. arm920t->armv4_5_mmu.armv4_5_cache.ctype = -1;
  533. arm920t->armv4_5_mmu.get_ttb = arm920t_get_ttb;
  534. arm920t->armv4_5_mmu.read_memory = arm7_9_read_memory;
  535. arm920t->armv4_5_mmu.write_memory = arm7_9_write_memory;
  536. arm920t->armv4_5_mmu.disable_mmu_caches = arm920t_disable_mmu_caches;
  537. arm920t->armv4_5_mmu.enable_mmu_caches = arm920t_enable_mmu_caches;
  538. arm920t->armv4_5_mmu.has_tiny_pages = 1;
  539. arm920t->armv4_5_mmu.mmu_enabled = 0;
  540. /* disabling linefills leads to lockups, so keep them enabled for now
  541. * this doesn't affect correctness, but might affect timing issues, if
  542. * important data is evicted from the cache during the debug session
  543. * */
  544. arm920t->preserve_cache = 0;
  545. /* override hw single-step capability from ARM9TDMI */
  546. arm7_9->has_single_step = 1;
  547. return ERROR_OK;
  548. }
  549. int arm920t_target_create(struct target_s *target, Jim_Interp *interp)
  550. {
  551. arm920t_common_t *arm920t = calloc(1,sizeof(arm920t_common_t));
  552. arm920t_init_arch_info(target, arm920t, target->tap);
  553. return ERROR_OK;
  554. }
  555. int arm920t_register_commands(struct command_context_s *cmd_ctx)
  556. {
  557. int retval;
  558. command_t *arm920t_cmd;
  559. retval = arm9tdmi_register_commands(cmd_ctx);
  560. arm920t_cmd = register_command(cmd_ctx, NULL, "arm920t", NULL, COMMAND_ANY, "arm920t specific commands");
  561. register_command(cmd_ctx, arm920t_cmd, "cp15", arm920t_handle_cp15_command, COMMAND_EXEC, "display/modify cp15 register <num> [value]");
  562. register_command(cmd_ctx, arm920t_cmd, "cp15i", arm920t_handle_cp15i_command, COMMAND_EXEC, "display/modify cp15 (interpreted access) <opcode> [value] [address]");
  563. register_command(cmd_ctx, arm920t_cmd, "cache_info", arm920t_handle_cache_info_command, COMMAND_EXEC, "display information about target caches");
  564. register_command(cmd_ctx, arm920t_cmd, "virt2phys", arm920t_handle_virt2phys_command, COMMAND_EXEC, "translate va to pa <va>");
  565. register_command(cmd_ctx, arm920t_cmd, "mdw_phys", arm920t_handle_md_phys_command, COMMAND_EXEC, "display memory words <physical addr> [count]");
  566. register_command(cmd_ctx, arm920t_cmd, "mdh_phys", arm920t_handle_md_phys_command, COMMAND_EXEC, "display memory half-words <physical addr> [count]");
  567. register_command(cmd_ctx, arm920t_cmd, "mdb_phys", arm920t_handle_md_phys_command, COMMAND_EXEC, "display memory bytes <physical addr> [count]");
  568. register_command(cmd_ctx, arm920t_cmd, "mww_phys", arm920t_handle_mw_phys_command, COMMAND_EXEC, "write memory word <physical addr> <value>");
  569. register_command(cmd_ctx, arm920t_cmd, "mwh_phys", arm920t_handle_mw_phys_command, COMMAND_EXEC, "write memory half-word <physical addr> <value>");
  570. register_command(cmd_ctx, arm920t_cmd, "mwb_phys", arm920t_handle_mw_phys_command, COMMAND_EXEC, "write memory byte <physical addr> <value>");
  571. register_command(cmd_ctx, arm920t_cmd, "read_cache", arm920t_handle_read_cache_command, COMMAND_EXEC, "display I/D cache content");
  572. register_command(cmd_ctx, arm920t_cmd, "read_mmu", arm920t_handle_read_mmu_command, COMMAND_EXEC, "display I/D mmu content");
  573. return retval;
  574. }
  575. int arm920t_handle_read_cache_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
  576. {
  577. int retval = ERROR_OK;
  578. target_t *target = get_current_target(cmd_ctx);
  579. armv4_5_common_t *armv4_5;
  580. arm7_9_common_t *arm7_9;
  581. arm9tdmi_common_t *arm9tdmi;
  582. arm920t_common_t *arm920t;
  583. arm_jtag_t *jtag_info;
  584. u32 cp15c15;
  585. u32 cp15_ctrl, cp15_ctrl_saved;
  586. u32 regs[16];
  587. u32 *regs_p[16];
  588. u32 C15_C_D_Ind, C15_C_I_Ind;
  589. int i;
  590. FILE *output;
  591. arm920t_cache_line_t d_cache[8][64], i_cache[8][64];
  592. int segment, index;
  593. if (argc != 1)
  594. {
  595. command_print(cmd_ctx, "usage: arm920t read_cache <filename>");
  596. return ERROR_OK;
  597. }
  598. if ((output = fopen(args[0], "w")) == NULL)
  599. {
  600. LOG_DEBUG("error opening cache content file");
  601. return ERROR_OK;
  602. }
  603. for (i = 0; i < 16; i++)
  604. regs_p[i] = &regs[i];
  605. if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
  606. {
  607. command_print(cmd_ctx, "current target isn't an ARM920t target");
  608. return ERROR_OK;
  609. }
  610. jtag_info = &arm7_9->jtag_info;
  611. /* disable MMU and Caches */
  612. arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), &cp15_ctrl);
  613. if ((retval = jtag_execute_queue()) != ERROR_OK)
  614. {
  615. return retval;
  616. }
  617. cp15_ctrl_saved = cp15_ctrl;
  618. cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
  619. arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl);
  620. /* read CP15 test state register */
  621. arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), &cp15c15);
  622. jtag_execute_queue();
  623. /* read DCache content */
  624. fprintf(output, "DCache:\n");
  625. /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
  626. for (segment = 0; segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets; segment++)
  627. {
  628. fprintf(output, "\nsegment: %i\n----------", segment);
  629. /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
  630. regs[0] = 0x0 | (segment << 5);
  631. arm9tdmi_write_core_regs(target, 0x1, regs);
  632. /* set interpret mode */
  633. cp15c15 |= 0x1;
  634. arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
  635. /* D CAM Read, loads current victim into C15.C.D.Ind */
  636. arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(1, 0));
  637. /* read current victim */
  638. arm920t_read_cp15_physical(target, 0x3d, &C15_C_D_Ind);
  639. /* clear interpret mode */
  640. cp15c15 &= ~0x1;
  641. arm920t_write_cp15_physical(target, 0x1e, cp15c15);
  642. for (index = 0; index < 64; index++)
  643. {
  644. /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
  645. regs[0] = 0x0 | (segment << 5) | (index << 26);
  646. arm9tdmi_write_core_regs(target, 0x1, regs);
  647. /* set interpret mode */
  648. cp15c15 |= 0x1;
  649. arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
  650. /* Write DCache victim */
  651. arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
  652. /* Read D RAM */
  653. arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,10,2), ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
  654. /* Read D CAM */
  655. arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,6,2), ARMV4_5_LDR(9, 0));
  656. /* clear interpret mode */
  657. cp15c15 &= ~0x1;
  658. arm920t_write_cp15_physical(target, 0x1e, cp15c15);
  659. /* read D RAM and CAM content */
  660. arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
  661. if ((retval = jtag_execute_queue()) != ERROR_OK)
  662. {
  663. return retval;
  664. }
  665. d_cache[segment][index].cam = regs[9];
  666. /* mask LFSR[6] */
  667. regs[9] &= 0xfffffffe;
  668. fprintf(output, "\nsegment: %i, index: %i, CAM: 0x%8.8x, content (%s):\n", segment, index, regs[9], (regs[9] & 0x10) ? "valid" : "invalid");
  669. for (i = 1; i < 9; i++)
  670. {
  671. d_cache[segment][index].data[i] = regs[i];
  672. fprintf(output, "%i: 0x%8.8x\n", i-1, regs[i]);
  673. }
  674. }
  675. /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
  676. regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
  677. arm9tdmi_write_core_regs(target, 0x1, regs);
  678. /* set interpret mode */
  679. cp15c15 |= 0x1;
  680. arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
  681. /* Write DCache victim */
  682. arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,0), ARMV4_5_LDR(1, 0));
  683. /* clear interpret mode */
  684. cp15c15 &= ~0x1;
  685. arm920t_write_cp15_physical(target, 0x1e, cp15c15);
  686. }
  687. /* read ICache content */
  688. fprintf(output, "ICache:\n");
  689. /* go through segments 0 to nsets (8 on ARM920T, 4 on ARM922T) */
  690. for (segment = 0; segment < arm920t->armv4_5_mmu.armv4_5_cache.d_u_size.nsets; segment++)
  691. {
  692. fprintf(output, "segment: %i\n----------", segment);
  693. /* Ra: r0 = SBZ(31:8):segment(7:5):SBZ(4:0) */
  694. regs[0] = 0x0 | (segment << 5);
  695. arm9tdmi_write_core_regs(target, 0x1, regs);
  696. /* set interpret mode */
  697. cp15c15 |= 0x1;
  698. arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
  699. /* I CAM Read, loads current victim into C15.C.I.Ind */
  700. arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(1, 0));
  701. /* read current victim */
  702. arm920t_read_cp15_physical(target, 0x3b, &C15_C_I_Ind);
  703. /* clear interpret mode */
  704. cp15c15 &= ~0x1;
  705. arm920t_write_cp15_physical(target, 0x1e, cp15c15);
  706. for (index = 0; index < 64; index++)
  707. {
  708. /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
  709. regs[0] = 0x0 | (segment << 5) | (index << 26);
  710. arm9tdmi_write_core_regs(target, 0x1, regs);
  711. /* set interpret mode */
  712. cp15c15 |= 0x1;
  713. arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
  714. /* Write ICache victim */
  715. arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
  716. /* Read I RAM */
  717. arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,9,2), ARMV4_5_LDMIA(0, 0x1fe, 0, 0));
  718. /* Read I CAM */
  719. arm920t_execute_cp15(target, ARMV4_5_MCR(15,2,0,15,5,2), ARMV4_5_LDR(9, 0));
  720. /* clear interpret mode */
  721. cp15c15 &= ~0x1;
  722. arm920t_write_cp15_physical(target, 0x1e, cp15c15);
  723. /* read I RAM and CAM content */
  724. arm9tdmi_read_core_regs(target, 0x3fe, regs_p);
  725. if ((retval = jtag_execute_queue()) != ERROR_OK)
  726. {
  727. return retval;
  728. }
  729. i_cache[segment][index].cam = regs[9];
  730. /* mask LFSR[6] */
  731. regs[9] &= 0xfffffffe;
  732. fprintf(output, "\nsegment: %i, index: %i, CAM: 0x%8.8x, content (%s):\n", segment, index, regs[9], (regs[9] & 0x10) ? "valid" : "invalid");
  733. for (i = 1; i < 9; i++)
  734. {
  735. i_cache[segment][index].data[i] = regs[i];
  736. fprintf(output, "%i: 0x%8.8x\n", i-1, regs[i]);
  737. }
  738. }
  739. /* Ra: r0 = index(31:26):SBZ(25:8):segment(7:5):SBZ(4:0) */
  740. regs[0] = 0x0 | (segment << 5) | (C15_C_D_Ind << 26);
  741. arm9tdmi_write_core_regs(target, 0x1, regs);
  742. /* set interpret mode */
  743. cp15c15 |= 0x1;
  744. arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
  745. /* Write ICache victim */
  746. arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,9,1,1), ARMV4_5_LDR(1, 0));
  747. /* clear interpret mode */
  748. cp15c15 &= ~0x1;
  749. arm920t_write_cp15_physical(target, 0x1e, cp15c15);
  750. }
  751. /* restore CP15 MMU and Cache settings */
  752. arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl_saved);
  753. command_print(cmd_ctx, "cache content successfully output to %s", args[0]);
  754. fclose(output);
  755. if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
  756. return ERROR_FAIL;
  757. /* mark registers dirty. */
  758. ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).valid;
  759. ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).valid;
  760. ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).valid;
  761. ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).valid;
  762. ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).valid;
  763. ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).valid;
  764. ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).valid;
  765. ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).valid;
  766. ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).valid;
  767. ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).valid;
  768. return ERROR_OK;
  769. }
  770. int arm920t_handle_read_mmu_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
  771. {
  772. int retval = ERROR_OK;
  773. target_t *target = get_current_target(cmd_ctx);
  774. armv4_5_common_t *armv4_5;
  775. arm7_9_common_t *arm7_9;
  776. arm9tdmi_common_t *arm9tdmi;
  777. arm920t_common_t *arm920t;
  778. arm_jtag_t *jtag_info;
  779. u32 cp15c15;
  780. u32 cp15_ctrl, cp15_ctrl_saved;
  781. u32 regs[16];
  782. u32 *regs_p[16];
  783. int i;
  784. FILE *output;
  785. u32 Dlockdown, Ilockdown;
  786. arm920t_tlb_entry_t d_tlb[64], i_tlb[64];
  787. int victim;
  788. if (argc != 1)
  789. {
  790. command_print(cmd_ctx, "usage: arm920t read_mmu <filename>");
  791. return ERROR_OK;
  792. }
  793. if ((output = fopen(args[0], "w")) == NULL)
  794. {
  795. LOG_DEBUG("error opening mmu content file");
  796. return ERROR_OK;
  797. }
  798. for (i = 0; i < 16; i++)
  799. regs_p[i] = &regs[i];
  800. if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
  801. {
  802. command_print(cmd_ctx, "current target isn't an ARM920t target");
  803. return ERROR_OK;
  804. }
  805. jtag_info = &arm7_9->jtag_info;
  806. /* disable MMU and Caches */
  807. arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), &cp15_ctrl);
  808. if ((retval = jtag_execute_queue()) != ERROR_OK)
  809. {
  810. return retval;
  811. }
  812. cp15_ctrl_saved = cp15_ctrl;
  813. cp15_ctrl &= ~(ARMV4_5_MMU_ENABLED | ARMV4_5_D_U_CACHE_ENABLED | ARMV4_5_I_CACHE_ENABLED);
  814. arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl);
  815. /* read CP15 test state register */
  816. arm920t_read_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), &cp15c15);
  817. if ((retval = jtag_execute_queue()) != ERROR_OK)
  818. {
  819. return retval;
  820. }
  821. /* prepare reading D TLB content
  822. * */
  823. /* set interpret mode */
  824. cp15c15 |= 0x1;
  825. arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
  826. /* Read D TLB lockdown */
  827. arm920t_execute_cp15(target, ARMV4_5_MRC(15,0,0,10,0,0), ARMV4_5_LDR(1, 0));
  828. /* clear interpret mode */
  829. cp15c15 &= ~0x1;
  830. arm920t_write_cp15_physical(target, 0x1e, cp15c15);
  831. /* read D TLB lockdown stored to r1 */
  832. arm9tdmi_read_core_regs(target, 0x2, regs_p);
  833. if ((retval = jtag_execute_queue()) != ERROR_OK)
  834. {
  835. return retval;
  836. }
  837. Dlockdown = regs[1];
  838. for (victim = 0; victim < 64; victim += 8)
  839. {
  840. /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
  841. * base remains unchanged, victim goes through entries 0 to 63 */
  842. regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
  843. arm9tdmi_write_core_regs(target, 0x2, regs);
  844. /* set interpret mode */
  845. cp15c15 |= 0x1;
  846. arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
  847. /* Write D TLB lockdown */
  848. arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
  849. /* Read D TLB CAM */
  850. arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,6,4), ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
  851. /* clear interpret mode */
  852. cp15c15 &= ~0x1;
  853. arm920t_write_cp15_physical(target, 0x1e, cp15c15);
  854. /* read D TLB CAM content stored to r2-r9 */
  855. arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
  856. if ((retval = jtag_execute_queue()) != ERROR_OK)
  857. {
  858. return retval;
  859. }
  860. for (i = 0; i < 8; i++)
  861. d_tlb[victim + i].cam = regs[i + 2];
  862. }
  863. for (victim = 0; victim < 64; victim++)
  864. {
  865. /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
  866. * base remains unchanged, victim goes through entries 0 to 63 */
  867. regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
  868. arm9tdmi_write_core_regs(target, 0x2, regs);
  869. /* set interpret mode */
  870. cp15c15 |= 0x1;
  871. arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
  872. /* Write D TLB lockdown */
  873. arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
  874. /* Read D TLB RAM1 */
  875. arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,10,4), ARMV4_5_LDR(2,0));
  876. /* Read D TLB RAM2 */
  877. arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,2,5), ARMV4_5_LDR(3,0));
  878. /* clear interpret mode */
  879. cp15c15 &= ~0x1;
  880. arm920t_write_cp15_physical(target, 0x1e, cp15c15);
  881. /* read D TLB RAM content stored to r2 and r3 */
  882. arm9tdmi_read_core_regs(target, 0xc, regs_p);
  883. if ((retval = jtag_execute_queue()) != ERROR_OK)
  884. {
  885. return retval;
  886. }
  887. d_tlb[victim].ram1 = regs[2];
  888. d_tlb[victim].ram2 = regs[3];
  889. }
  890. /* restore D TLB lockdown */
  891. regs[1] = Dlockdown;
  892. arm9tdmi_write_core_regs(target, 0x2, regs);
  893. /* Write D TLB lockdown */
  894. arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,0), ARMV4_5_STR(1, 0));
  895. /* prepare reading I TLB content
  896. * */
  897. /* set interpret mode */
  898. cp15c15 |= 0x1;
  899. arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
  900. /* Read I TLB lockdown */
  901. arm920t_execute_cp15(target, ARMV4_5_MRC(15,0,0,10,0,1), ARMV4_5_LDR(1, 0));
  902. /* clear interpret mode */
  903. cp15c15 &= ~0x1;
  904. arm920t_write_cp15_physical(target, 0x1e, cp15c15);
  905. /* read I TLB lockdown stored to r1 */
  906. arm9tdmi_read_core_regs(target, 0x2, regs_p);
  907. if ((retval = jtag_execute_queue()) != ERROR_OK)
  908. {
  909. return retval;
  910. }
  911. Ilockdown = regs[1];
  912. for (victim = 0; victim < 64; victim += 8)
  913. {
  914. /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
  915. * base remains unchanged, victim goes through entries 0 to 63 */
  916. regs[1] = (Ilockdown & 0xfc000000) | (victim << 20);
  917. arm9tdmi_write_core_regs(target, 0x2, regs);
  918. /* set interpret mode */
  919. cp15c15 |= 0x1;
  920. arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
  921. /* Write I TLB lockdown */
  922. arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
  923. /* Read I TLB CAM */
  924. arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,5,4), ARMV4_5_LDMIA(0, 0x3fc, 0, 0));
  925. /* clear interpret mode */
  926. cp15c15 &= ~0x1;
  927. arm920t_write_cp15_physical(target, 0x1e, cp15c15);
  928. /* read I TLB CAM content stored to r2-r9 */
  929. arm9tdmi_read_core_regs(target, 0x3fc, regs_p);
  930. if ((retval = jtag_execute_queue()) != ERROR_OK)
  931. {
  932. return retval;
  933. }
  934. for (i = 0; i < 8; i++)
  935. i_tlb[i + victim].cam = regs[i + 2];
  936. }
  937. for (victim = 0; victim < 64; victim++)
  938. {
  939. /* new lockdown value: base[31:26]:victim[25:20]:SBZ[19:1]:p[0]
  940. * base remains unchanged, victim goes through entries 0 to 63 */
  941. regs[1] = (Dlockdown & 0xfc000000) | (victim << 20);
  942. arm9tdmi_write_core_regs(target, 0x2, regs);
  943. /* set interpret mode */
  944. cp15c15 |= 0x1;
  945. arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0xf, 0), cp15c15);
  946. /* Write I TLB lockdown */
  947. arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
  948. /* Read I TLB RAM1 */
  949. arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,9,4), ARMV4_5_LDR(2,0));
  950. /* Read I TLB RAM2 */
  951. arm920t_execute_cp15(target, ARMV4_5_MCR(15,4,0,15,1,5), ARMV4_5_LDR(3,0));
  952. /* clear interpret mode */
  953. cp15c15 &= ~0x1;
  954. arm920t_write_cp15_physical(target, 0x1e, cp15c15);
  955. /* read I TLB RAM content stored to r2 and r3 */
  956. arm9tdmi_read_core_regs(target, 0xc, regs_p);
  957. if ((retval = jtag_execute_queue()) != ERROR_OK)
  958. {
  959. return retval;
  960. }
  961. i_tlb[victim].ram1 = regs[2];
  962. i_tlb[victim].ram2 = regs[3];
  963. }
  964. /* restore I TLB lockdown */
  965. regs[1] = Ilockdown;
  966. arm9tdmi_write_core_regs(target, 0x2, regs);
  967. /* Write I TLB lockdown */
  968. arm920t_execute_cp15(target, ARMV4_5_MCR(15,0,0,10,0,1), ARMV4_5_STR(1, 0));
  969. /* restore CP15 MMU and Cache settings */
  970. arm920t_write_cp15_physical(target, ARM920T_CP15_PHYS_ADDR(0, 0x1, 0), cp15_ctrl_saved);
  971. /* output data to file */
  972. fprintf(output, "D TLB content:\n");
  973. for (i = 0; i < 64; i++)
  974. {
  975. fprintf(output, "%i: 0x%8.8x 0x%8.8x 0x%8.8x %s\n", i, d_tlb[i].cam, d_tlb[i].ram1, d_tlb[i].ram2, (d_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
  976. }
  977. fprintf(output, "\n\nI TLB content:\n");
  978. for (i = 0; i < 64; i++)
  979. {
  980. fprintf(output, "%i: 0x%8.8x 0x%8.8x 0x%8.8x %s\n", i, i_tlb[i].cam, i_tlb[i].ram1, i_tlb[i].ram2, (i_tlb[i].cam & 0x20) ? "(valid)" : "(invalid)");
  981. }
  982. command_print(cmd_ctx, "mmu content successfully output to %s", args[0]);
  983. fclose(output);
  984. if (armv4_5_mode_to_number(armv4_5->core_mode)==-1)
  985. return ERROR_FAIL;
  986. /* mark registers dirty */
  987. ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 0).valid;
  988. ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 1).valid;
  989. ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 2).valid;
  990. ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 3).valid;
  991. ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 4).valid;
  992. ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 5).valid;
  993. ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 6).valid;
  994. ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 7).valid;
  995. ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 8).valid;
  996. ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).dirty = ARMV4_5_CORE_REG_MODE(armv4_5->core_cache, armv4_5->core_mode, 9).valid;
  997. return ERROR_OK;
  998. }
  999. int arm920t_handle_cp15_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
  1000. {
  1001. int retval;
  1002. target_t *target = get_current_target(cmd_ctx);
  1003. armv4_5_common_t *armv4_5;
  1004. arm7_9_common_t *arm7_9;
  1005. arm9tdmi_common_t *arm9tdmi;
  1006. arm920t_common_t *arm920t;
  1007. arm_jtag_t *jtag_info;
  1008. if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
  1009. {
  1010. command_print(cmd_ctx, "current target isn't an ARM920t target");
  1011. return ERROR_OK;
  1012. }
  1013. jtag_info = &arm7_9->jtag_info;
  1014. if (target->state != TARGET_HALTED)
  1015. {
  1016. command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
  1017. return ERROR_OK;
  1018. }
  1019. /* one or more argument, access a single register (write if second argument is given */
  1020. if (argc >= 1)
  1021. {
  1022. int address = strtoul(args[0], NULL, 0);
  1023. if (argc == 1)
  1024. {
  1025. u32 value;
  1026. if ((retval = arm920t_read_cp15_physical(target, address, &value)) != ERROR_OK)
  1027. {
  1028. command_print(cmd_ctx, "couldn't access reg %i", address);
  1029. return ERROR_OK;
  1030. }
  1031. if ((retval = jtag_execute_queue()) != ERROR_OK)
  1032. {
  1033. return retval;
  1034. }
  1035. command_print(cmd_ctx, "%i: %8.8x", address, value);
  1036. }
  1037. else if (argc == 2)
  1038. {
  1039. u32 value = strtoul(args[1], NULL, 0);
  1040. if ((retval = arm920t_write_cp15_physical(target, address, value)) != ERROR_OK)
  1041. {
  1042. command_print(cmd_ctx, "couldn't access reg %i", address);
  1043. return ERROR_OK;
  1044. }
  1045. command_print(cmd_ctx, "%i: %8.8x", address, value);
  1046. }
  1047. }
  1048. return ERROR_OK;
  1049. }
  1050. int arm920t_handle_cp15i_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
  1051. {
  1052. int retval;
  1053. target_t *target = get_current_target(cmd_ctx);
  1054. armv4_5_common_t *armv4_5;
  1055. arm7_9_common_t *arm7_9;
  1056. arm9tdmi_common_t *arm9tdmi;
  1057. arm920t_common_t *arm920t;
  1058. arm_jtag_t *jtag_info;
  1059. if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
  1060. {
  1061. command_print(cmd_ctx, "current target isn't an ARM920t target");
  1062. return ERROR_OK;
  1063. }
  1064. jtag_info = &arm7_9->jtag_info;
  1065. if (target->state != TARGET_HALTED)
  1066. {
  1067. command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
  1068. return ERROR_OK;
  1069. }
  1070. /* one or more argument, access a single register (write if second argument is given */
  1071. if (argc >= 1)
  1072. {
  1073. u32 opcode = strtoul(args[0], NULL, 0);
  1074. if (argc == 1)
  1075. {
  1076. u32 value;
  1077. if ((retval = arm920t_read_cp15_interpreted(target, opcode, 0x0, &value)) != ERROR_OK)
  1078. {
  1079. command_print(cmd_ctx, "couldn't execute %8.8x", opcode);
  1080. return ERROR_OK;
  1081. }
  1082. command_print(cmd_ctx, "%8.8x: %8.8x", opcode, value);
  1083. }
  1084. else if (argc == 2)
  1085. {
  1086. u32 value = strtoul(args[1], NULL, 0);
  1087. if ((retval = arm920t_write_cp15_interpreted(target, opcode, value, 0)) != ERROR_OK)
  1088. {
  1089. command_print(cmd_ctx, "couldn't execute %8.8x", opcode);
  1090. return ERROR_OK;
  1091. }
  1092. command_print(cmd_ctx, "%8.8x: %8.8x", opcode, value);
  1093. }
  1094. else if (argc == 3)
  1095. {
  1096. u32 value = strtoul(args[1], NULL, 0);
  1097. u32 address = strtoul(args[2], NULL, 0);
  1098. if ((retval = arm920t_write_cp15_interpreted(target, opcode, value, address)) != ERROR_OK)
  1099. {
  1100. command_print(cmd_ctx, "couldn't execute %8.8x", opcode);
  1101. return ERROR_OK;
  1102. }
  1103. command_print(cmd_ctx, "%8.8x: %8.8x %8.8x", opcode, value, address);
  1104. }
  1105. }
  1106. else
  1107. {
  1108. command_print(cmd_ctx, "usage: arm920t cp15i <opcode> [value] [address]");
  1109. }
  1110. return ERROR_OK;
  1111. }
  1112. int arm920t_handle_cache_info_command(struct command_context_s *cmd_ctx, char *cmd, char **args, int argc)
  1113. {
  1114. target_t *target = get_current_target(cmd_ctx);
  1115. armv4_5_common_t *armv4_5;
  1116. arm7_9_common_t *arm7_9;
  1117. arm9tdmi_common_t *arm9tdmi;
  1118. arm920t_common_t *arm920t;
  1119. if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
  1120. {
  1121. command_print(cmd_ctx, "current target isn't an ARM920t target");
  1122. return ERROR_OK;
  1123. }
  1124. return armv4_5_handle_cache_info_command(cmd_ctx, &arm920t->armv4_5_mmu.armv4_5_cache);
  1125. }
  1126. int arm920t_handle_virt2phys_command(command_context_t *cmd_ctx, char *cmd, char **args, int argc)
  1127. {
  1128. target_t *target = get_current_target(cmd_ctx);
  1129. armv4_5_common_t *armv4_5;
  1130. arm7_9_common_t *arm7_9;
  1131. arm9tdmi_common_t *arm9tdmi;
  1132. arm920t_common_t *arm920t;
  1133. arm_jtag_t *jtag_info;
  1134. if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
  1135. {
  1136. command_print(cmd_ctx, "current target isn't an ARM920t target");
  1137. return ERROR_OK;
  1138. }
  1139. jtag_info = &arm7_9->jtag_info;
  1140. if (target->state != TARGET_HALTED)
  1141. {
  1142. command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
  1143. return ERROR_OK;
  1144. }
  1145. return armv4_5_mmu_handle_virt2phys_command(cmd_ctx, cmd, args, argc, target, &arm920t->armv4_5_mmu);
  1146. }
  1147. int arm920t_handle_md_phys_command(command_context_t *cmd_ctx, char *cmd, char **args, int argc)
  1148. {
  1149. target_t *target = get_current_target(cmd_ctx);
  1150. armv4_5_common_t *armv4_5;
  1151. arm7_9_common_t *arm7_9;
  1152. arm9tdmi_common_t *arm9tdmi;
  1153. arm920t_common_t *arm920t;
  1154. arm_jtag_t *jtag_info;
  1155. if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
  1156. {
  1157. command_print(cmd_ctx, "current target isn't an ARM920t target");
  1158. return ERROR_OK;
  1159. }
  1160. jtag_info = &arm7_9->jtag_info;
  1161. if (target->state != TARGET_HALTED)
  1162. {
  1163. command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
  1164. return ERROR_OK;
  1165. }
  1166. return armv4_5_mmu_handle_md_phys_command(cmd_ctx, cmd, args, argc, target, &arm920t->armv4_5_mmu);
  1167. }
  1168. int arm920t_handle_mw_phys_command(command_context_t *cmd_ctx, char *cmd, char **args, int argc)
  1169. {
  1170. target_t *target = get_current_target(cmd_ctx);
  1171. armv4_5_common_t *armv4_5;
  1172. arm7_9_common_t *arm7_9;
  1173. arm9tdmi_common_t *arm9tdmi;
  1174. arm920t_common_t *arm920t;
  1175. arm_jtag_t *jtag_info;
  1176. if (arm920t_get_arch_pointers(target, &armv4_5, &arm7_9, &arm9tdmi, &arm920t) != ERROR_OK)
  1177. {
  1178. command_print(cmd_ctx, "current target isn't an ARM920t target");
  1179. return ERROR_OK;
  1180. }
  1181. jtag_info = &arm7_9->jtag_info;
  1182. if (target->state != TARGET_HALTED)
  1183. {
  1184. command_print(cmd_ctx, "target must be stopped for \"%s\" command", cmd);
  1185. return ERROR_OK;
  1186. }
  1187. return armv4_5_mmu_handle_mw_phys_command(cmd_ctx, cmd, args, argc, target, &arm920t->armv4_5_mmu);
  1188. }