search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
mips32, drop unnecessary code in mips32_pracc.c
[openocd.git] / src / target / aarch64.c
blobe647bba13649c99d9a27b3fb359ea84ca570090e
1 /***************************************************************************
2 * Copyright (C) 2015 by David Ung *
3 * *
4 * This program is free software; you can redistribute it and/or modify *
5 * it under the terms of the GNU General Public License as published by *
6 * the Free Software Foundation; either version 2 of the License, or *
7 * (at your option) any later version. *
8 * *
9 * This program is distributed in the hope that it will be useful, *
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
12 * GNU General Public License for more details. *
13 * *
14 * You should have received a copy of the GNU General Public License *
15 * along with this program; if not, write to the *
16 * Free Software Foundation, Inc., *
17 * *
18 ***************************************************************************/
19
20 #ifdef HAVE_CONFIG_H
21 #include "config.h"
22 #endif
23
24 #include "breakpoints.h"
25 #include "aarch64.h"
26 #include "register.h"
27 #include "target_request.h"
28 #include "target_type.h"
29 #include "armv8_opcodes.h"
30 #include "armv8_cache.h"
31 #include <helper/time_support.h>
32
33 #define __unused __attribute((unused))
34
35 enum restart_mode {
36 RESTART_LAZY,
37 RESTART_SYNC,
38 };
39
40 enum halt_mode {
41 HALT_LAZY,
42 HALT_SYNC,
43 };
44
45 static int aarch64_poll(struct target *target);
46 static int aarch64_debug_entry(struct target *target);
47 static int aarch64_restore_context(struct target *target, bool bpwp);
48 static int aarch64_set_breakpoint(struct target *target,
49 struct breakpoint *breakpoint, uint8_t matchmode);
50 static int aarch64_set_context_breakpoint(struct target *target,
51 struct breakpoint *breakpoint, uint8_t matchmode);
52 static int aarch64_set_hybrid_breakpoint(struct target *target,
53 struct breakpoint *breakpoint);
54 static int aarch64_unset_breakpoint(struct target *target,
55 struct breakpoint *breakpoint);
56 static int aarch64_mmu(struct target *target, int *enabled);
57 static int aarch64_virt2phys(struct target *target,
58 target_addr_t virt, target_addr_t *phys);
59 static int aarch64_read_apb_ap_memory(struct target *target,
60 uint64_t address, uint32_t size, uint32_t count, uint8_t *buffer);
61
62 #define foreach_smp_target(pos, head) \
63 for (pos = head; (pos != NULL); pos = pos->next)
64
65 static int aarch64_restore_system_control_reg(struct target *target)
66 {
67 enum arm_mode target_mode = ARM_MODE_ANY;
68 int retval = ERROR_OK;
69 uint32_t instr;
70
71 struct aarch64_common *aarch64 = target_to_aarch64(target);
72 struct armv8_common *armv8 = target_to_armv8(target);
73
74 if (aarch64->system_control_reg != aarch64->system_control_reg_curr) {
75 aarch64->system_control_reg_curr = aarch64->system_control_reg;
76 /* LOG_INFO("cp15_control_reg: %8.8" PRIx32, cortex_v8->cp15_control_reg); */
77
78 switch (armv8->arm.core_mode) {
79 case ARMV8_64_EL0T:
80 target_mode = ARMV8_64_EL1H;
81 /* fall through */
82 case ARMV8_64_EL1T:
83 case ARMV8_64_EL1H:
84 instr = ARMV8_MSR_GP(SYSTEM_SCTLR_EL1, 0);
85 break;
86 case ARMV8_64_EL2T:
87 case ARMV8_64_EL2H:
88 instr = ARMV8_MSR_GP(SYSTEM_SCTLR_EL2, 0);
89 break;
90 case ARMV8_64_EL3H:
91 case ARMV8_64_EL3T:
92 instr = ARMV8_MSR_GP(SYSTEM_SCTLR_EL3, 0);
93 break;
94
95 case ARM_MODE_SVC:
96 case ARM_MODE_ABT:
97 case ARM_MODE_FIQ:
98 case ARM_MODE_IRQ:
99 instr = ARMV4_5_MCR(15, 0, 0, 1, 0, 0);
100 break;
101
102 default:
103 LOG_INFO("cannot read system control register in this mode");
104 return ERROR_FAIL;
105 }
106
107 if (target_mode != ARM_MODE_ANY)
108 armv8_dpm_modeswitch(&armv8->dpm, target_mode);
109
110 retval = armv8->dpm.instr_write_data_r0(&armv8->dpm, instr, aarch64->system_control_reg);
111 if (retval != ERROR_OK)
112 return retval;
113
114 if (target_mode != ARM_MODE_ANY)
115 armv8_dpm_modeswitch(&armv8->dpm, ARM_MODE_ANY);
116 }
117
118 return retval;
119 }
120
121 /* modify system_control_reg in order to enable or disable mmu for :
122 * - virt2phys address conversion
123 * - read or write memory in phys or virt address */
124 static int aarch64_mmu_modify(struct target *target, int enable)
125 {
126 struct aarch64_common *aarch64 = target_to_aarch64(target);
127 struct armv8_common *armv8 = &aarch64->armv8_common;
128 int retval = ERROR_OK;
129 uint32_t instr = 0;
130
131 if (enable) {
132 /* if mmu enabled at target stop and mmu not enable */
133 if (!(aarch64->system_control_reg & 0x1U)) {
134 LOG_ERROR("trying to enable mmu on target stopped with mmu disable");
135 return ERROR_FAIL;
136 }
137 if (!(aarch64->system_control_reg_curr & 0x1U))
138 aarch64->system_control_reg_curr |= 0x1U;
139 } else {
140 if (aarch64->system_control_reg_curr & 0x4U) {
141 /* data cache is active */
142 aarch64->system_control_reg_curr &= ~0x4U;
143 /* flush data cache armv8 function to be called */
144 if (armv8->armv8_mmu.armv8_cache.flush_all_data_cache)
145 armv8->armv8_mmu.armv8_cache.flush_all_data_cache(target);
146 }
147 if ((aarch64->system_control_reg_curr & 0x1U)) {
148 aarch64->system_control_reg_curr &= ~0x1U;
149 }
150 }
151
152 switch (armv8->arm.core_mode) {
153 case ARMV8_64_EL0T:
154 case ARMV8_64_EL1T:
155 case ARMV8_64_EL1H:
156 instr = ARMV8_MSR_GP(SYSTEM_SCTLR_EL1, 0);
157 break;
158 case ARMV8_64_EL2T:
159 case ARMV8_64_EL2H:
160 instr = ARMV8_MSR_GP(SYSTEM_SCTLR_EL2, 0);
161 break;
162 case ARMV8_64_EL3H:
163 case ARMV8_64_EL3T:
164 instr = ARMV8_MSR_GP(SYSTEM_SCTLR_EL3, 0);
165 break;
166 default:
167 LOG_DEBUG("unknown cpu state 0x%x" PRIx32, armv8->arm.core_state);
168 break;
169 }
170
171 retval = armv8->dpm.instr_write_data_r0(&armv8->dpm, instr,
172 aarch64->system_control_reg_curr);
173 return retval;
174 }
175
176 /*
177 * Basic debug access, very low level assumes state is saved
178 */
179 static int aarch64_init_debug_access(struct target *target)
180 {
181 struct armv8_common *armv8 = target_to_armv8(target);
182 int retval;
183 uint32_t dummy;
184
185 LOG_DEBUG(" ");
186
187 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
188 armv8->debug_base + CPUV8_DBG_OSLAR, 0);
189 if (retval != ERROR_OK) {
190 LOG_DEBUG("Examine %s failed", "oslock");
191 return retval;
192 }
193
194 /* Clear Sticky Power Down status Bit in PRSR to enable access to
195 the registers in the Core Power Domain */
196 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
197 armv8->debug_base + CPUV8_DBG_PRSR, &dummy);
198 if (retval != ERROR_OK)
199 return retval;
200
201 /*
202 * Static CTI configuration:
203 * Channel 0 -> trigger outputs HALT request to PE
204 * Channel 1 -> trigger outputs Resume request to PE
205 * Gate all channel trigger events from entering the CTM
206 */
207
208 /* Enable CTI */
209 retval = arm_cti_enable(armv8->cti, true);
210 /* By default, gate all channel events to and from the CTM */
211 if (retval == ERROR_OK)
212 retval = arm_cti_write_reg(armv8->cti, CTI_GATE, 0);
213 /* output halt requests to PE on channel 0 event */
214 if (retval == ERROR_OK)
215 retval = arm_cti_write_reg(armv8->cti, CTI_OUTEN0, CTI_CHNL(0));
216 /* output restart requests to PE on channel 1 event */
217 if (retval == ERROR_OK)
218 retval = arm_cti_write_reg(armv8->cti, CTI_OUTEN1, CTI_CHNL(1));
219 if (retval != ERROR_OK)
220 return retval;
221
222 /* Resync breakpoint registers */
223
224 return ERROR_OK;
225 }
226
227 /* Write to memory mapped registers directly with no cache or mmu handling */
228 static int aarch64_dap_write_memap_register_u32(struct target *target,
229 uint32_t address,
230 uint32_t value)
231 {
232 int retval;
233 struct armv8_common *armv8 = target_to_armv8(target);
234
235 retval = mem_ap_write_atomic_u32(armv8->debug_ap, address, value);
236
237 return retval;
238 }
239
240 static int aarch64_dpm_setup(struct aarch64_common *a8, uint64_t debug)
241 {
242 struct arm_dpm *dpm = &a8->armv8_common.dpm;
243 int retval;
244
245 dpm->arm = &a8->armv8_common.arm;
246 dpm->didr = debug;
247
248 retval = armv8_dpm_setup(dpm);
249 if (retval == ERROR_OK)
250 retval = armv8_dpm_initialize(dpm);
251
252 return retval;
253 }
254
255 static int aarch64_set_dscr_bits(struct target *target, unsigned long bit_mask, unsigned long value)
256 {
257 struct armv8_common *armv8 = target_to_armv8(target);
258 return armv8_set_dbgreg_bits(armv8, CPUV8_DBG_DSCR, bit_mask, value);
259 }
260
261 static int aarch64_check_state_one(struct target *target,
262 uint32_t mask, uint32_t val, int *p_result, uint32_t *p_prsr)
263 {
264 struct armv8_common *armv8 = target_to_armv8(target);
265 uint32_t prsr;
266 int retval;
267
268 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
269 armv8->debug_base + CPUV8_DBG_PRSR, &prsr);
270 if (retval != ERROR_OK)
271 return retval;
272
273 if (p_prsr)
274 *p_prsr = prsr;
275
276 if (p_result)
277 *p_result = (prsr & mask) == (val & mask);
278
279 return ERROR_OK;
280 }
281
282 static int aarch64_wait_halt_one(struct target *target)
283 {
284 int retval = ERROR_OK;
285 uint32_t prsr;
286
287 int64_t then = timeval_ms();
288 for (;;) {
289 int halted;
290
291 retval = aarch64_check_state_one(target, PRSR_HALT, PRSR_HALT, &halted, &prsr);
292 if (retval != ERROR_OK || halted)
293 break;
294
295 if (timeval_ms() > then + 1000) {
296 retval = ERROR_TARGET_TIMEOUT;
297 LOG_DEBUG("target %s timeout, prsr=0x%08"PRIx32, target_name(target), prsr);
298 break;
299 }
300 }
301 return retval;
302 }
303
304 static int aarch64_prepare_halt_smp(struct target *target, bool exc_target, struct target **p_first)
305 {
306 int retval = ERROR_OK;
307 struct target_list *head = target->head;
308 struct target *first = NULL;
309
310 LOG_DEBUG("target %s exc %i", target_name(target), exc_target);
311
312 while (head != NULL) {
313 struct target *curr = head->target;
314 struct armv8_common *armv8 = target_to_armv8(curr);
315 head = head->next;
316
317 if (exc_target && curr == target)
318 continue;
319 if (!target_was_examined(curr))
320 continue;
321 if (curr->state != TARGET_RUNNING)
322 continue;
323
324 /* HACK: mark this target as prepared for halting */
325 curr->debug_reason = DBG_REASON_DBGRQ;
326
327 /* open the gate for channel 0 to let HALT requests pass to the CTM */
328 retval = arm_cti_ungate_channel(armv8->cti, 0);
329 if (retval == ERROR_OK)
330 retval = aarch64_set_dscr_bits(curr, DSCR_HDE, DSCR_HDE);
331 if (retval != ERROR_OK)
332 break;
333
334 LOG_DEBUG("target %s prepared", target_name(curr));
335
336 if (first == NULL)
337 first = curr;
338 }
339
340 if (p_first) {
341 if (exc_target && first)
342 *p_first = first;
343 else
344 *p_first = target;
345 }
346
347 return retval;
348 }
349
350 static int aarch64_halt_one(struct target *target, enum halt_mode mode)
351 {
352 int retval = ERROR_OK;
353 struct armv8_common *armv8 = target_to_armv8(target);
354
355 LOG_DEBUG("%s", target_name(target));
356
357 /* allow Halting Debug Mode */
358 retval = aarch64_set_dscr_bits(target, DSCR_HDE, DSCR_HDE);
359 if (retval != ERROR_OK)
360 return retval;
361
362 /* trigger an event on channel 0, this outputs a halt request to the PE */
363 retval = arm_cti_pulse_channel(armv8->cti, 0);
364 if (retval != ERROR_OK)
365 return retval;
366
367 if (mode == HALT_SYNC) {
368 retval = aarch64_wait_halt_one(target);
369 if (retval != ERROR_OK) {
370 if (retval == ERROR_TARGET_TIMEOUT)
371 LOG_ERROR("Timeout waiting for target %s halt", target_name(target));
372 return retval;
373 }
374 }
375
376 return ERROR_OK;
377 }
378
379 static int aarch64_halt_smp(struct target *target, bool exc_target)
380 {
381 struct target *next = target;
382 int retval;
383
384 /* prepare halt on all PEs of the group */
385 retval = aarch64_prepare_halt_smp(target, exc_target, &next);
386
387 if (exc_target && next == target)
388 return retval;
389
390 /* halt the target PE */
391 if (retval == ERROR_OK)
392 retval = aarch64_halt_one(next, HALT_LAZY);
393
394 if (retval != ERROR_OK)
395 return retval;
396
397 /* wait for all PEs to halt */
398 int64_t then = timeval_ms();
399 for (;;) {
400 bool all_halted = true;
401 struct target_list *head;
402 struct target *curr;
403
404 foreach_smp_target(head, target->head) {
405 int halted;
406
407 curr = head->target;
408
409 if (!target_was_examined(curr))
410 continue;
411
412 retval = aarch64_check_state_one(curr, PRSR_HALT, PRSR_HALT, &halted, NULL);
413 if (retval != ERROR_OK || !halted) {
414 all_halted = false;
415 break;
416 }
417 }
418
419 if (all_halted)
420 break;
421
422 if (timeval_ms() > then + 1000) {
423 retval = ERROR_TARGET_TIMEOUT;
424 break;
425 }
426
427 /*
428 * HACK: on Hi6220 there are 8 cores organized in 2 clusters
429 * and it looks like the CTI's are not connected by a common
430 * trigger matrix. It seems that we need to halt one core in each
431 * cluster explicitly. So if we find that a core has not halted
432 * yet, we trigger an explicit halt for the second cluster.
433 */
434 retval = aarch64_halt_one(curr, HALT_LAZY);
435 if (retval != ERROR_OK)
436 break;
437 }
438
439 return retval;
440 }
441
442 static int update_halt_gdb(struct target *target, enum target_debug_reason debug_reason)
443 {
444 struct target *gdb_target = NULL;
445 struct target_list *head;
446 struct target *curr;
447
448 if (debug_reason == DBG_REASON_NOTHALTED) {
449 LOG_INFO("Halting remaining targets in SMP group");
450 aarch64_halt_smp(target, true);
451 }
452
453 /* poll all targets in the group, but skip the target that serves GDB */
454 foreach_smp_target(head, target->head) {
455 curr = head->target;
456 /* skip calling context */
457 if (curr == target)
458 continue;
459 if (!target_was_examined(curr))
460 continue;
461 /* skip targets that were already halted */
462 if (curr->state == TARGET_HALTED)
463 continue;
464 /* remember the gdb_service->target */
465 if (curr->gdb_service != NULL)
466 gdb_target = curr->gdb_service->target;
467 /* skip it */
468 if (curr == gdb_target)
469 continue;
470
471 /* avoid recursion in aarch64_poll() */
472 curr->smp = 0;
473 aarch64_poll(curr);
474 curr->smp = 1;
475 }
476
477 /* after all targets were updated, poll the gdb serving target */
478 if (gdb_target != NULL && gdb_target != target)
479 aarch64_poll(gdb_target);
480
481 return ERROR_OK;
482 }
483
484 /*
485 * Aarch64 Run control
486 */
487
488 static int aarch64_poll(struct target *target)
489 {
490 enum target_state prev_target_state;
491 int retval = ERROR_OK;
492 int halted;
493
494 retval = aarch64_check_state_one(target,
495 PRSR_HALT, PRSR_HALT, &halted, NULL);
496 if (retval != ERROR_OK)
497 return retval;
498
499 if (halted) {
500 prev_target_state = target->state;
501 if (prev_target_state != TARGET_HALTED) {
502 enum target_debug_reason debug_reason = target->debug_reason;
503
504 /* We have a halting debug event */
505 target->state = TARGET_HALTED;
506 LOG_DEBUG("Target %s halted", target_name(target));
507 retval = aarch64_debug_entry(target);
508 if (retval != ERROR_OK)
509 return retval;
510
511 if (target->smp)
512 update_halt_gdb(target, debug_reason);
513
514 switch (prev_target_state) {
515 case TARGET_RUNNING:
516 case TARGET_UNKNOWN:
517 case TARGET_RESET:
518 target_call_event_callbacks(target, TARGET_EVENT_HALTED);
519 break;
520 case TARGET_DEBUG_RUNNING:
521 target_call_event_callbacks(target, TARGET_EVENT_DEBUG_HALTED);
522 break;
523 default:
524 break;
525 }
526 }
527 } else
528 target->state = TARGET_RUNNING;
529
530 return retval;
531 }
532
533 static int aarch64_halt(struct target *target)
534 {
535 if (target->smp)
536 return aarch64_halt_smp(target, false);
537
538 return aarch64_halt_one(target, HALT_SYNC);
539 }
540
541 static int aarch64_restore_one(struct target *target, int current,
542 uint64_t *address, int handle_breakpoints, int debug_execution)
543 {
544 struct armv8_common *armv8 = target_to_armv8(target);
545 struct arm *arm = &armv8->arm;
546 int retval;
547 uint64_t resume_pc;
548
549 LOG_DEBUG("%s", target_name(target));
550
551 if (!debug_execution)
552 target_free_all_working_areas(target);
553
554 /* current = 1: continue on current pc, otherwise continue at <address> */
555 resume_pc = buf_get_u64(arm->pc->value, 0, 64);
556 if (!current)
557 resume_pc = *address;
558 else
559 *address = resume_pc;
560
561 /* Make sure that the Armv7 gdb thumb fixups does not
562 * kill the return address
563 */
564 switch (arm->core_state) {
565 case ARM_STATE_ARM:
566 resume_pc &= 0xFFFFFFFC;
567 break;
568 case ARM_STATE_AARCH64:
569 resume_pc &= 0xFFFFFFFFFFFFFFFC;
570 break;
571 case ARM_STATE_THUMB:
572 case ARM_STATE_THUMB_EE:
573 /* When the return address is loaded into PC
574 * bit 0 must be 1 to stay in Thumb state
575 */
576 resume_pc |= 0x1;
577 break;
578 case ARM_STATE_JAZELLE:
579 LOG_ERROR("How do I resume into Jazelle state??");
580 return ERROR_FAIL;
581 }
582 LOG_DEBUG("resume pc = 0x%016" PRIx64, resume_pc);
583 buf_set_u64(arm->pc->value, 0, 64, resume_pc);
584 arm->pc->dirty = 1;
585 arm->pc->valid = 1;
586
587 /* called it now before restoring context because it uses cpu
588 * register r0 for restoring system control register */
589 retval = aarch64_restore_system_control_reg(target);
590 if (retval == ERROR_OK)
591 retval = aarch64_restore_context(target, handle_breakpoints);
592
593 return retval;
594 }
595
596 /**
597 * prepare single target for restart
598 *
599 *
600 */
601 static int aarch64_prepare_restart_one(struct target *target)
602 {
603 struct armv8_common *armv8 = target_to_armv8(target);
604 int retval;
605 uint32_t dscr;
606 uint32_t tmp;
607
608 LOG_DEBUG("%s", target_name(target));
609
610 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
611 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
612 if (retval != ERROR_OK)
613 return retval;
614
615 if ((dscr & DSCR_ITE) == 0)
616 LOG_ERROR("DSCR.ITE must be set before leaving debug!");
617 if ((dscr & DSCR_ERR) != 0)
618 LOG_ERROR("DSCR.ERR must be cleared before leaving debug!");
619
620 /* acknowledge a pending CTI halt event */
621 retval = arm_cti_ack_events(armv8->cti, CTI_TRIG(HALT));
622 /*
623 * open the CTI gate for channel 1 so that the restart events
624 * get passed along to all PEs. Also close gate for channel 0
625 * to isolate the PE from halt events.
626 */
627 if (retval == ERROR_OK)
628 retval = arm_cti_ungate_channel(armv8->cti, 1);
629 if (retval == ERROR_OK)
630 retval = arm_cti_gate_channel(armv8->cti, 0);
631
632 /* make sure that DSCR.HDE is set */
633 if (retval == ERROR_OK) {
634 dscr |= DSCR_HDE;
635 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
636 armv8->debug_base + CPUV8_DBG_DSCR, dscr);
637 }
638
639 /* clear sticky bits in PRSR, SDR is now 0 */
640 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
641 armv8->debug_base + CPUV8_DBG_PRSR, &tmp);
642
643 return retval;
644 }
645
646 static int aarch64_do_restart_one(struct target *target, enum restart_mode mode)
647 {
648 struct armv8_common *armv8 = target_to_armv8(target);
649 int retval;
650
651 LOG_DEBUG("%s", target_name(target));
652
653 /* trigger an event on channel 1, generates a restart request to the PE */
654 retval = arm_cti_pulse_channel(armv8->cti, 1);
655 if (retval != ERROR_OK)
656 return retval;
657
658 if (mode == RESTART_SYNC) {
659 int64_t then = timeval_ms();
660 for (;;) {
661 int resumed;
662 /*
663 * if PRSR.SDR is set now, the target did restart, even
664 * if it's now already halted again (e.g. due to breakpoint)
665 */
666 retval = aarch64_check_state_one(target,
667 PRSR_SDR, PRSR_SDR, &resumed, NULL);
668 if (retval != ERROR_OK || resumed)
669 break;
670
671 if (timeval_ms() > then + 1000) {
672 LOG_ERROR("%s: Timeout waiting for resume"PRIx32, target_name(target));
673 retval = ERROR_TARGET_TIMEOUT;
674 break;
675 }
676 }
677 }
678
679 if (retval != ERROR_OK)
680 return retval;
681
682 target->debug_reason = DBG_REASON_NOTHALTED;
683 target->state = TARGET_RUNNING;
684
685 return ERROR_OK;
686 }
687
688 static int aarch64_restart_one(struct target *target, enum restart_mode mode)
689 {
690 int retval;
691
692 LOG_DEBUG("%s", target_name(target));
693
694 retval = aarch64_prepare_restart_one(target);
695 if (retval == ERROR_OK)
696 retval = aarch64_do_restart_one(target, mode);
697
698 return retval;
699 }
700
701 /*
702 * prepare all but the current target for restart
703 */
704 static int aarch64_prep_restart_smp(struct target *target, int handle_breakpoints, struct target **p_first)
705 {
706 int retval = ERROR_OK;
707 struct target_list *head;
708 struct target *first = NULL;
709 uint64_t address;
710
711 foreach_smp_target(head, target->head) {
712 struct target *curr = head->target;
713
714 /* skip calling target */
715 if (curr == target)
716 continue;
717 if (!target_was_examined(curr))
718 continue;
719 if (curr->state != TARGET_HALTED)
720 continue;
721
722 /* resume at current address, not in step mode */
723 retval = aarch64_restore_one(curr, 1, &address, handle_breakpoints, 0);
724 if (retval == ERROR_OK)
725 retval = aarch64_prepare_restart_one(curr);
726 if (retval != ERROR_OK) {
727 LOG_ERROR("failed to restore target %s", target_name(curr));
728 break;
729 }
730 /* remember the first valid target in the group */
731 if (first == NULL)
732 first = curr;
733 }
734
735 if (p_first)
736 *p_first = first;
737
738 return retval;
739 }
740
741
742 static int aarch64_step_restart_smp(struct target *target)
743 {
744 int retval = ERROR_OK;
745 struct target_list *head;
746 struct target *first = NULL;
747
748 LOG_DEBUG("%s", target_name(target));
749
750 retval = aarch64_prep_restart_smp(target, 0, &first);
751 if (retval != ERROR_OK)
752 return retval;
753
754 if (first != NULL)
755 retval = aarch64_do_restart_one(first, RESTART_LAZY);
756 if (retval != ERROR_OK) {
757 LOG_DEBUG("error restarting target %s", target_name(first));
758 return retval;
759 }
760
761 int64_t then = timeval_ms();
762 for (;;) {
763 struct target *curr = target;
764 bool all_resumed = true;
765
766 foreach_smp_target(head, target->head) {
767 uint32_t prsr;
768 int resumed;
769
770 curr = head->target;
771
772 if (curr == target)
773 continue;
774
775 retval = aarch64_check_state_one(curr,
776 PRSR_SDR, PRSR_SDR, &resumed, &prsr);
777 if (retval != ERROR_OK || (!resumed && (prsr & PRSR_HALT))) {
778 all_resumed = false;
779 break;
780 }
781
782 if (curr->state != TARGET_RUNNING) {
783 curr->state = TARGET_RUNNING;
784 curr->debug_reason = DBG_REASON_NOTHALTED;
785 target_call_event_callbacks(curr, TARGET_EVENT_RESUMED);
786 }
787 }
788
789 if (all_resumed)
790 break;
791
792 if (timeval_ms() > then + 1000) {
793 LOG_ERROR("%s: timeout waiting for target resume", __func__);
794 retval = ERROR_TARGET_TIMEOUT;
795 break;
796 }
797 /*
798 * HACK: on Hi6220 there are 8 cores organized in 2 clusters
799 * and it looks like the CTI's are not connected by a common
800 * trigger matrix. It seems that we need to halt one core in each
801 * cluster explicitly. So if we find that a core has not halted
802 * yet, we trigger an explicit resume for the second cluster.
803 */
804 retval = aarch64_do_restart_one(curr, RESTART_LAZY);
805 if (retval != ERROR_OK)
806 break;
807 }
808
809 return retval;
810 }
811
812 static int aarch64_resume(struct target *target, int current,
813 target_addr_t address, int handle_breakpoints, int debug_execution)
814 {
815 int retval = 0;
816 uint64_t addr = address;
817
818 if (target->state != TARGET_HALTED)
819 return ERROR_TARGET_NOT_HALTED;
820
821 /*
822 * If this target is part of a SMP group, prepare the others
823 * targets for resuming. This involves restoring the complete
824 * target register context and setting up CTI gates to accept
825 * resume events from the trigger matrix.
826 */
827 if (target->smp) {
828 retval = aarch64_prep_restart_smp(target, handle_breakpoints, NULL);
829 if (retval != ERROR_OK)
830 return retval;
831 }
832
833 /* all targets prepared, restore and restart the current target */
834 retval = aarch64_restore_one(target, current, &addr, handle_breakpoints,
835 debug_execution);
836 if (retval == ERROR_OK)
837 retval = aarch64_restart_one(target, RESTART_SYNC);
838 if (retval != ERROR_OK)
839 return retval;
840
841 if (target->smp) {
842 int64_t then = timeval_ms();
843 for (;;) {
844 struct target *curr = target;
845 struct target_list *head;
846 bool all_resumed = true;
847
848 foreach_smp_target(head, target->head) {
849 uint32_t prsr;
850 int resumed;
851
852 curr = head->target;
853 if (curr == target)
854 continue;
855 if (!target_was_examined(curr))
856 continue;
857
858 retval = aarch64_check_state_one(curr,
859 PRSR_SDR, PRSR_SDR, &resumed, &prsr);
860 if (retval != ERROR_OK || (!resumed && (prsr & PRSR_HALT))) {
861 all_resumed = false;
862 break;
863 }
864
865 if (curr->state != TARGET_RUNNING) {
866 curr->state = TARGET_RUNNING;
867 curr->debug_reason = DBG_REASON_NOTHALTED;
868 target_call_event_callbacks(curr, TARGET_EVENT_RESUMED);
869 }
870 }
871
872 if (all_resumed)
873 break;
874
875 if (timeval_ms() > then + 1000) {
876 LOG_ERROR("%s: timeout waiting for target %s to resume", __func__, target_name(curr));
877 retval = ERROR_TARGET_TIMEOUT;
878 break;
879 }
880
881 /*
882 * HACK: on Hi6220 there are 8 cores organized in 2 clusters
883 * and it looks like the CTI's are not connected by a common
884 * trigger matrix. It seems that we need to halt one core in each
885 * cluster explicitly. So if we find that a core has not halted
886 * yet, we trigger an explicit resume for the second cluster.
887 */
888 retval = aarch64_do_restart_one(curr, RESTART_LAZY);
889 if (retval != ERROR_OK)
890 break;
891 }
892 }
893
894 if (retval != ERROR_OK)
895 return retval;
896
897 target->debug_reason = DBG_REASON_NOTHALTED;
898
899 if (!debug_execution) {
900 target->state = TARGET_RUNNING;
901 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
902 LOG_DEBUG("target resumed at 0x%" PRIx64, addr);
903 } else {
904 target->state = TARGET_DEBUG_RUNNING;
905 target_call_event_callbacks(target, TARGET_EVENT_DEBUG_RESUMED);
906 LOG_DEBUG("target debug resumed at 0x%" PRIx64, addr);
907 }
908
909 return ERROR_OK;
910 }
911
912 static int aarch64_debug_entry(struct target *target)
913 {
914 int retval = ERROR_OK;
915 struct armv8_common *armv8 = target_to_armv8(target);
916 struct arm_dpm *dpm = &armv8->dpm;
917 enum arm_state core_state;
918 uint32_t dscr;
919
920 /* make sure to clear all sticky errors */
921 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
922 armv8->debug_base + CPUV8_DBG_DRCR, DRCR_CSE);
923 if (retval == ERROR_OK)
924 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
925 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
926 if (retval == ERROR_OK)
927 retval = arm_cti_ack_events(armv8->cti, CTI_TRIG(HALT));
928
929 if (retval != ERROR_OK)
930 return retval;
931
932 LOG_DEBUG("%s dscr = 0x%08" PRIx32, target_name(target), dscr);
933
934 dpm->dscr = dscr;
935 core_state = armv8_dpm_get_core_state(dpm);
936 armv8_select_opcodes(armv8, core_state == ARM_STATE_AARCH64);
937 armv8_select_reg_access(armv8, core_state == ARM_STATE_AARCH64);
938
939 /* close the CTI gate for all events */
940 if (retval == ERROR_OK)
941 retval = arm_cti_write_reg(armv8->cti, CTI_GATE, 0);
942 /* discard async exceptions */
943 if (retval == ERROR_OK)
944 retval = dpm->instr_cpsr_sync(dpm);
945 if (retval != ERROR_OK)
946 return retval;
947
948 /* Examine debug reason */
949 armv8_dpm_report_dscr(dpm, dscr);
950
951 /* save address of instruction that triggered the watchpoint? */
952 if (target->debug_reason == DBG_REASON_WATCHPOINT) {
953 uint32_t tmp;
954 uint64_t wfar = 0;
955
956 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
957 armv8->debug_base + CPUV8_DBG_WFAR1,
958 &tmp);
959 if (retval != ERROR_OK)
960 return retval;
961 wfar = tmp;
962 wfar = (wfar << 32);
963 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
964 armv8->debug_base + CPUV8_DBG_WFAR0,
965 &tmp);
966 if (retval != ERROR_OK)
967 return retval;
968 wfar |= tmp;
969 armv8_dpm_report_wfar(&armv8->dpm, wfar);
970 }
971
972 retval = armv8_dpm_read_current_registers(&armv8->dpm);
973
974 if (retval == ERROR_OK && armv8->post_debug_entry)
975 retval = armv8->post_debug_entry(target);
976
977 return retval;
978 }
979
980 static int aarch64_post_debug_entry(struct target *target)
981 {
982 struct aarch64_common *aarch64 = target_to_aarch64(target);
983 struct armv8_common *armv8 = &aarch64->armv8_common;
984 int retval;
985 enum arm_mode target_mode = ARM_MODE_ANY;
986 uint32_t instr;
987
988 switch (armv8->arm.core_mode) {
989 case ARMV8_64_EL0T:
990 target_mode = ARMV8_64_EL1H;
991 /* fall through */
992 case ARMV8_64_EL1T:
993 case ARMV8_64_EL1H:
994 instr = ARMV8_MRS(SYSTEM_SCTLR_EL1, 0);
995 break;
996 case ARMV8_64_EL2T:
997 case ARMV8_64_EL2H:
998 instr = ARMV8_MRS(SYSTEM_SCTLR_EL2, 0);
999 break;
1000 case ARMV8_64_EL3H:
1001 case ARMV8_64_EL3T:
1002 instr = ARMV8_MRS(SYSTEM_SCTLR_EL3, 0);
1003 break;
1004
1005 case ARM_MODE_SVC:
1006 case ARM_MODE_ABT:
1007 case ARM_MODE_FIQ:
1008 case ARM_MODE_IRQ:
1009 instr = ARMV4_5_MRC(15, 0, 0, 1, 0, 0);
1010 break;
1011
1012 default:
1013 LOG_INFO("cannot read system control register in this mode");
1014 return ERROR_FAIL;
1015 }
1016
1017 if (target_mode != ARM_MODE_ANY)
1018 armv8_dpm_modeswitch(&armv8->dpm, target_mode);
1019
1020 retval = armv8->dpm.instr_read_data_r0(&armv8->dpm, instr, &aarch64->system_control_reg);
1021 if (retval != ERROR_OK)
1022 return retval;
1023
1024 if (target_mode != ARM_MODE_ANY)
1025 armv8_dpm_modeswitch(&armv8->dpm, ARM_MODE_ANY);
1026
1027 LOG_DEBUG("System_register: %8.8" PRIx32, aarch64->system_control_reg);
1028 aarch64->system_control_reg_curr = aarch64->system_control_reg;
1029
1030 if (armv8->armv8_mmu.armv8_cache.info == -1) {
1031 armv8_identify_cache(armv8);
1032 armv8_read_mpidr(armv8);
1033 }
1034
1035 armv8->armv8_mmu.mmu_enabled =
1036 (aarch64->system_control_reg & 0x1U) ? 1 : 0;
1037 armv8->armv8_mmu.armv8_cache.d_u_cache_enabled =
1038 (aarch64->system_control_reg & 0x4U) ? 1 : 0;
1039 armv8->armv8_mmu.armv8_cache.i_cache_enabled =
1040 (aarch64->system_control_reg & 0x1000U) ? 1 : 0;
1041 return ERROR_OK;
1042 }
1043
1044 /*
1045 * single-step a target
1046 */
1047 static int aarch64_step(struct target *target, int current, target_addr_t address,
1048 int handle_breakpoints)
1049 {
1050 struct armv8_common *armv8 = target_to_armv8(target);
1051 int saved_retval = ERROR_OK;
1052 int retval;
1053 uint32_t edecr;
1054
1055 if (target->state != TARGET_HALTED) {
1056 LOG_WARNING("target not halted");
1057 return ERROR_TARGET_NOT_HALTED;
1058 }
1059
1060 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
1061 armv8->debug_base + CPUV8_DBG_EDECR, &edecr);
1062 /* make sure EDECR.SS is not set when restoring the register */
1063
1064 if (retval == ERROR_OK) {
1065 edecr &= ~0x4;
1066 /* set EDECR.SS to enter hardware step mode */
1067 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
1068 armv8->debug_base + CPUV8_DBG_EDECR, (edecr|0x4));
1069 }
1070 /* disable interrupts while stepping */
1071 if (retval == ERROR_OK)
1072 retval = aarch64_set_dscr_bits(target, 0x3 << 22, 0x3 << 22);
1073 /* bail out if stepping setup has failed */
1074 if (retval != ERROR_OK)
1075 return retval;
1076
1077 if (target->smp && !handle_breakpoints) {
1078 /*
1079 * isolate current target so that it doesn't get resumed
1080 * together with the others
1081 */
1082 retval = arm_cti_gate_channel(armv8->cti, 1);
1083 /* resume all other targets in the group */
1084 if (retval == ERROR_OK)
1085 retval = aarch64_step_restart_smp(target);
1086 if (retval != ERROR_OK) {
1087 LOG_ERROR("Failed to restart non-stepping targets in SMP group");
1088 return retval;
1089 }
1090 LOG_DEBUG("Restarted all non-stepping targets in SMP group");
1091 }
1092
1093 /* all other targets running, restore and restart the current target */
1094 retval = aarch64_restore_one(target, current, &address, 0, 0);
1095 if (retval == ERROR_OK)
1096 retval = aarch64_restart_one(target, RESTART_LAZY);
1097
1098 if (retval != ERROR_OK)
1099 return retval;
1100
1101 LOG_DEBUG("target step-resumed at 0x%" PRIx64, address);
1102 if (!handle_breakpoints)
1103 target_call_event_callbacks(target, TARGET_EVENT_RESUMED);
1104
1105 int64_t then = timeval_ms();
1106 for (;;) {
1107 int stepped;
1108 uint32_t prsr;
1109
1110 retval = aarch64_check_state_one(target,
1111 PRSR_SDR|PRSR_HALT, PRSR_SDR|PRSR_HALT, &stepped, &prsr);
1112 if (retval != ERROR_OK || stepped)
1113 break;
1114
1115 if (timeval_ms() > then + 1000) {
1116 LOG_ERROR("timeout waiting for target %s halt after step",
1117 target_name(target));
1118 retval = ERROR_TARGET_TIMEOUT;
1119 break;
1120 }
1121 }
1122
1123 if (retval == ERROR_TARGET_TIMEOUT)
1124 saved_retval = retval;
1125
1126 /* restore EDECR */
1127 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
1128 armv8->debug_base + CPUV8_DBG_EDECR, edecr);
1129 if (retval != ERROR_OK)
1130 return retval;
1131
1132 /* restore interrupts */
1133 retval = aarch64_set_dscr_bits(target, 0x3 << 22, 0);
1134 if (retval != ERROR_OK)
1135 return ERROR_OK;
1136
1137 if (saved_retval != ERROR_OK)
1138 return saved_retval;
1139
1140 return aarch64_poll(target);
1141 }
1142
1143 static int aarch64_restore_context(struct target *target, bool bpwp)
1144 {
1145 struct armv8_common *armv8 = target_to_armv8(target);
1146 struct arm *arm = &armv8->arm;
1147
1148 int retval;
1149
1150 LOG_DEBUG("%s", target_name(target));
1151
1152 if (armv8->pre_restore_context)
1153 armv8->pre_restore_context(target);
1154
1155 retval = armv8_dpm_write_dirty_registers(&armv8->dpm, bpwp);
1156 if (retval == ERROR_OK) {
1157 /* registers are now invalid */
1158 register_cache_invalidate(arm->core_cache);
1159 register_cache_invalidate(arm->core_cache->next);
1160 }
1161
1162 return retval;
1163 }
1164
1165 /*
1166 * Cortex-A8 Breakpoint and watchpoint functions
1167 */
1168
1169 /* Setup hardware Breakpoint Register Pair */
1170 static int aarch64_set_breakpoint(struct target *target,
1171 struct breakpoint *breakpoint, uint8_t matchmode)
1172 {
1173 int retval;
1174 int brp_i = 0;
1175 uint32_t control;
1176 uint8_t byte_addr_select = 0x0F;
1177 struct aarch64_common *aarch64 = target_to_aarch64(target);
1178 struct armv8_common *armv8 = &aarch64->armv8_common;
1179 struct aarch64_brp *brp_list = aarch64->brp_list;
1180
1181 if (breakpoint->set) {
1182 LOG_WARNING("breakpoint already set");
1183 return ERROR_OK;
1184 }
1185
1186 if (breakpoint->type == BKPT_HARD) {
1187 int64_t bpt_value;
1188 while (brp_list[brp_i].used && (brp_i < aarch64->brp_num))
1189 brp_i++;
1190 if (brp_i >= aarch64->brp_num) {
1191 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1192 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1193 }
1194 breakpoint->set = brp_i + 1;
1195 if (breakpoint->length == 2)
1196 byte_addr_select = (3 << (breakpoint->address & 0x02));
1197 control = ((matchmode & 0x7) << 20)
1198 | (1 << 13)
1199 | (byte_addr_select << 5)
1200 | (3 << 1) | 1;
1201 brp_list[brp_i].used = 1;
1202 brp_list[brp_i].value = breakpoint->address & 0xFFFFFFFFFFFFFFFC;
1203 brp_list[brp_i].control = control;
1204 bpt_value = brp_list[brp_i].value;
1205
1206 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1207 + CPUV8_DBG_BVR_BASE + 16 * brp_list[brp_i].BRPn,
1208 (uint32_t)(bpt_value & 0xFFFFFFFF));
1209 if (retval != ERROR_OK)
1210 return retval;
1211 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1212 + CPUV8_DBG_BVR_BASE + 4 + 16 * brp_list[brp_i].BRPn,
1213 (uint32_t)(bpt_value >> 32));
1214 if (retval != ERROR_OK)
1215 return retval;
1216
1217 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1218 + CPUV8_DBG_BCR_BASE + 16 * brp_list[brp_i].BRPn,
1219 brp_list[brp_i].control);
1220 if (retval != ERROR_OK)
1221 return retval;
1222 LOG_DEBUG("brp %i control 0x%0" PRIx32 " value 0x%" TARGET_PRIxADDR, brp_i,
1223 brp_list[brp_i].control,
1224 brp_list[brp_i].value);
1225
1226 } else if (breakpoint->type == BKPT_SOFT) {
1227 uint8_t code[4];
1228
1229 buf_set_u32(code, 0, 32, armv8_opcode(armv8, ARMV8_OPC_HLT));
1230 retval = target_read_memory(target,
1231 breakpoint->address & 0xFFFFFFFFFFFFFFFE,
1232 breakpoint->length, 1,
1233 breakpoint->orig_instr);
1234 if (retval != ERROR_OK)
1235 return retval;
1236
1237 armv8_cache_d_inner_flush_virt(armv8,
1238 breakpoint->address & 0xFFFFFFFFFFFFFFFE,
1239 breakpoint->length);
1240
1241 retval = target_write_memory(target,
1242 breakpoint->address & 0xFFFFFFFFFFFFFFFE,
1243 breakpoint->length, 1, code);
1244 if (retval != ERROR_OK)
1245 return retval;
1246
1247 armv8_cache_d_inner_flush_virt(armv8,
1248 breakpoint->address & 0xFFFFFFFFFFFFFFFE,
1249 breakpoint->length);
1250
1251 armv8_cache_i_inner_inval_virt(armv8,
1252 breakpoint->address & 0xFFFFFFFFFFFFFFFE,
1253 breakpoint->length);
1254
1255 breakpoint->set = 0x11; /* Any nice value but 0 */
1256 }
1257
1258 /* Ensure that halting debug mode is enable */
1259 retval = aarch64_set_dscr_bits(target, DSCR_HDE, DSCR_HDE);
1260 if (retval != ERROR_OK) {
1261 LOG_DEBUG("Failed to set DSCR.HDE");
1262 return retval;
1263 }
1264
1265 return ERROR_OK;
1266 }
1267
1268 static int aarch64_set_context_breakpoint(struct target *target,
1269 struct breakpoint *breakpoint, uint8_t matchmode)
1270 {
1271 int retval = ERROR_FAIL;
1272 int brp_i = 0;
1273 uint32_t control;
1274 uint8_t byte_addr_select = 0x0F;
1275 struct aarch64_common *aarch64 = target_to_aarch64(target);
1276 struct armv8_common *armv8 = &aarch64->armv8_common;
1277 struct aarch64_brp *brp_list = aarch64->brp_list;
1278
1279 if (breakpoint->set) {
1280 LOG_WARNING("breakpoint already set");
1281 return retval;
1282 }
1283 /*check available context BRPs*/
1284 while ((brp_list[brp_i].used ||
1285 (brp_list[brp_i].type != BRP_CONTEXT)) && (brp_i < aarch64->brp_num))
1286 brp_i++;
1287
1288 if (brp_i >= aarch64->brp_num) {
1289 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1290 return ERROR_FAIL;
1291 }
1292
1293 breakpoint->set = brp_i + 1;
1294 control = ((matchmode & 0x7) << 20)
1295 | (1 << 13)
1296 | (byte_addr_select << 5)
1297 | (3 << 1) | 1;
1298 brp_list[brp_i].used = 1;
1299 brp_list[brp_i].value = (breakpoint->asid);
1300 brp_list[brp_i].control = control;
1301 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1302 + CPUV8_DBG_BVR_BASE + 16 * brp_list[brp_i].BRPn,
1303 brp_list[brp_i].value);
1304 if (retval != ERROR_OK)
1305 return retval;
1306 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1307 + CPUV8_DBG_BCR_BASE + 16 * brp_list[brp_i].BRPn,
1308 brp_list[brp_i].control);
1309 if (retval != ERROR_OK)
1310 return retval;
1311 LOG_DEBUG("brp %i control 0x%0" PRIx32 " value 0x%" TARGET_PRIxADDR, brp_i,
1312 brp_list[brp_i].control,
1313 brp_list[brp_i].value);
1314 return ERROR_OK;
1315
1316 }
1317
1318 static int aarch64_set_hybrid_breakpoint(struct target *target, struct breakpoint *breakpoint)
1319 {
1320 int retval = ERROR_FAIL;
1321 int brp_1 = 0; /* holds the contextID pair */
1322 int brp_2 = 0; /* holds the IVA pair */
1323 uint32_t control_CTX, control_IVA;
1324 uint8_t CTX_byte_addr_select = 0x0F;
1325 uint8_t IVA_byte_addr_select = 0x0F;
1326 uint8_t CTX_machmode = 0x03;
1327 uint8_t IVA_machmode = 0x01;
1328 struct aarch64_common *aarch64 = target_to_aarch64(target);
1329 struct armv8_common *armv8 = &aarch64->armv8_common;
1330 struct aarch64_brp *brp_list = aarch64->brp_list;
1331
1332 if (breakpoint->set) {
1333 LOG_WARNING("breakpoint already set");
1334 return retval;
1335 }
1336 /*check available context BRPs*/
1337 while ((brp_list[brp_1].used ||
1338 (brp_list[brp_1].type != BRP_CONTEXT)) && (brp_1 < aarch64->brp_num))
1339 brp_1++;
1340
1341 printf("brp(CTX) found num: %d\n", brp_1);
1342 if (brp_1 >= aarch64->brp_num) {
1343 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1344 return ERROR_FAIL;
1345 }
1346
1347 while ((brp_list[brp_2].used ||
1348 (brp_list[brp_2].type != BRP_NORMAL)) && (brp_2 < aarch64->brp_num))
1349 brp_2++;
1350
1351 printf("brp(IVA) found num: %d\n", brp_2);
1352 if (brp_2 >= aarch64->brp_num) {
1353 LOG_ERROR("ERROR Can not find free Breakpoint Register Pair");
1354 return ERROR_FAIL;
1355 }
1356
1357 breakpoint->set = brp_1 + 1;
1358 breakpoint->linked_BRP = brp_2;
1359 control_CTX = ((CTX_machmode & 0x7) << 20)
1360 | (brp_2 << 16)
1361 | (0 << 14)
1362 | (CTX_byte_addr_select << 5)
1363 | (3 << 1) | 1;
1364 brp_list[brp_1].used = 1;
1365 brp_list[brp_1].value = (breakpoint->asid);
1366 brp_list[brp_1].control = control_CTX;
1367 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1368 + CPUV8_DBG_BVR_BASE + 16 * brp_list[brp_1].BRPn,
1369 brp_list[brp_1].value);
1370 if (retval != ERROR_OK)
1371 return retval;
1372 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1373 + CPUV8_DBG_BCR_BASE + 16 * brp_list[brp_1].BRPn,
1374 brp_list[brp_1].control);
1375 if (retval != ERROR_OK)
1376 return retval;
1377
1378 control_IVA = ((IVA_machmode & 0x7) << 20)
1379 | (brp_1 << 16)
1380 | (1 << 13)
1381 | (IVA_byte_addr_select << 5)
1382 | (3 << 1) | 1;
1383 brp_list[brp_2].used = 1;
1384 brp_list[brp_2].value = breakpoint->address & 0xFFFFFFFFFFFFFFFC;
1385 brp_list[brp_2].control = control_IVA;
1386 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1387 + CPUV8_DBG_BVR_BASE + 16 * brp_list[brp_2].BRPn,
1388 brp_list[brp_2].value & 0xFFFFFFFF);
1389 if (retval != ERROR_OK)
1390 return retval;
1391 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1392 + CPUV8_DBG_BVR_BASE + 4 + 16 * brp_list[brp_2].BRPn,
1393 brp_list[brp_2].value >> 32);
1394 if (retval != ERROR_OK)
1395 return retval;
1396 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1397 + CPUV8_DBG_BCR_BASE + 16 * brp_list[brp_2].BRPn,
1398 brp_list[brp_2].control);
1399 if (retval != ERROR_OK)
1400 return retval;
1401
1402 return ERROR_OK;
1403 }
1404
1405 static int aarch64_unset_breakpoint(struct target *target, struct breakpoint *breakpoint)
1406 {
1407 int retval;
1408 struct aarch64_common *aarch64 = target_to_aarch64(target);
1409 struct armv8_common *armv8 = &aarch64->armv8_common;
1410 struct aarch64_brp *brp_list = aarch64->brp_list;
1411
1412 if (!breakpoint->set) {
1413 LOG_WARNING("breakpoint not set");
1414 return ERROR_OK;
1415 }
1416
1417 if (breakpoint->type == BKPT_HARD) {
1418 if ((breakpoint->address != 0) && (breakpoint->asid != 0)) {
1419 int brp_i = breakpoint->set - 1;
1420 int brp_j = breakpoint->linked_BRP;
1421 if ((brp_i < 0) || (brp_i >= aarch64->brp_num)) {
1422 LOG_DEBUG("Invalid BRP number in breakpoint");
1423 return ERROR_OK;
1424 }
1425 LOG_DEBUG("rbp %i control 0x%0" PRIx32 " value 0x%" TARGET_PRIxADDR, brp_i,
1426 brp_list[brp_i].control, brp_list[brp_i].value);
1427 brp_list[brp_i].used = 0;
1428 brp_list[brp_i].value = 0;
1429 brp_list[brp_i].control = 0;
1430 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1431 + CPUV8_DBG_BCR_BASE + 16 * brp_list[brp_i].BRPn,
1432 brp_list[brp_i].control);
1433 if (retval != ERROR_OK)
1434 return retval;
1435 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1436 + CPUV8_DBG_BVR_BASE + 16 * brp_list[brp_i].BRPn,
1437 (uint32_t)brp_list[brp_i].value);
1438 if (retval != ERROR_OK)
1439 return retval;
1440 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1441 + CPUV8_DBG_BVR_BASE + 4 + 16 * brp_list[brp_i].BRPn,
1442 (uint32_t)brp_list[brp_i].value);
1443 if (retval != ERROR_OK)
1444 return retval;
1445 if ((brp_j < 0) || (brp_j >= aarch64->brp_num)) {
1446 LOG_DEBUG("Invalid BRP number in breakpoint");
1447 return ERROR_OK;
1448 }
1449 LOG_DEBUG("rbp %i control 0x%0" PRIx32 " value 0x%0" PRIx64, brp_j,
1450 brp_list[brp_j].control, brp_list[brp_j].value);
1451 brp_list[brp_j].used = 0;
1452 brp_list[brp_j].value = 0;
1453 brp_list[brp_j].control = 0;
1454 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1455 + CPUV8_DBG_BCR_BASE + 16 * brp_list[brp_j].BRPn,
1456 brp_list[brp_j].control);
1457 if (retval != ERROR_OK)
1458 return retval;
1459 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1460 + CPUV8_DBG_BVR_BASE + 16 * brp_list[brp_j].BRPn,
1461 (uint32_t)brp_list[brp_j].value);
1462 if (retval != ERROR_OK)
1463 return retval;
1464 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1465 + CPUV8_DBG_BVR_BASE + 4 + 16 * brp_list[brp_j].BRPn,
1466 (uint32_t)brp_list[brp_j].value);
1467 if (retval != ERROR_OK)
1468 return retval;
1469
1470 breakpoint->linked_BRP = 0;
1471 breakpoint->set = 0;
1472 return ERROR_OK;
1473
1474 } else {
1475 int brp_i = breakpoint->set - 1;
1476 if ((brp_i < 0) || (brp_i >= aarch64->brp_num)) {
1477 LOG_DEBUG("Invalid BRP number in breakpoint");
1478 return ERROR_OK;
1479 }
1480 LOG_DEBUG("rbp %i control 0x%0" PRIx32 " value 0x%0" PRIx64, brp_i,
1481 brp_list[brp_i].control, brp_list[brp_i].value);
1482 brp_list[brp_i].used = 0;
1483 brp_list[brp_i].value = 0;
1484 brp_list[brp_i].control = 0;
1485 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1486 + CPUV8_DBG_BCR_BASE + 16 * brp_list[brp_i].BRPn,
1487 brp_list[brp_i].control);
1488 if (retval != ERROR_OK)
1489 return retval;
1490 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1491 + CPUV8_DBG_BVR_BASE + 16 * brp_list[brp_i].BRPn,
1492 brp_list[brp_i].value);
1493 if (retval != ERROR_OK)
1494 return retval;
1495
1496 retval = aarch64_dap_write_memap_register_u32(target, armv8->debug_base
1497 + CPUV8_DBG_BVR_BASE + 4 + 16 * brp_list[brp_i].BRPn,
1498 (uint32_t)brp_list[brp_i].value);
1499 if (retval != ERROR_OK)
1500 return retval;
1501 breakpoint->set = 0;
1502 return ERROR_OK;
1503 }
1504 } else {
1505 /* restore original instruction (kept in target endianness) */
1506
1507 armv8_cache_d_inner_flush_virt(armv8,
1508 breakpoint->address & 0xFFFFFFFFFFFFFFFE,
1509 breakpoint->length);
1510
1511 if (breakpoint->length == 4) {
1512 retval = target_write_memory(target,
1513 breakpoint->address & 0xFFFFFFFFFFFFFFFE,
1514 4, 1, breakpoint->orig_instr);
1515 if (retval != ERROR_OK)
1516 return retval;
1517 } else {
1518 retval = target_write_memory(target,
1519 breakpoint->address & 0xFFFFFFFFFFFFFFFE,
1520 2, 1, breakpoint->orig_instr);
1521 if (retval != ERROR_OK)
1522 return retval;
1523 }
1524
1525 armv8_cache_d_inner_flush_virt(armv8,
1526 breakpoint->address & 0xFFFFFFFFFFFFFFFE,
1527 breakpoint->length);
1528
1529 armv8_cache_i_inner_inval_virt(armv8,
1530 breakpoint->address & 0xFFFFFFFFFFFFFFFE,
1531 breakpoint->length);
1532 }
1533 breakpoint->set = 0;
1534
1535 return ERROR_OK;
1536 }
1537
1538 static int aarch64_add_breakpoint(struct target *target,
1539 struct breakpoint *breakpoint)
1540 {
1541 struct aarch64_common *aarch64 = target_to_aarch64(target);
1542
1543 if ((breakpoint->type == BKPT_HARD) && (aarch64->brp_num_available < 1)) {
1544 LOG_INFO("no hardware breakpoint available");
1545 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1546 }
1547
1548 if (breakpoint->type == BKPT_HARD)
1549 aarch64->brp_num_available--;
1550
1551 return aarch64_set_breakpoint(target, breakpoint, 0x00); /* Exact match */
1552 }
1553
1554 static int aarch64_add_context_breakpoint(struct target *target,
1555 struct breakpoint *breakpoint)
1556 {
1557 struct aarch64_common *aarch64 = target_to_aarch64(target);
1558
1559 if ((breakpoint->type == BKPT_HARD) && (aarch64->brp_num_available < 1)) {
1560 LOG_INFO("no hardware breakpoint available");
1561 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1562 }
1563
1564 if (breakpoint->type == BKPT_HARD)
1565 aarch64->brp_num_available--;
1566
1567 return aarch64_set_context_breakpoint(target, breakpoint, 0x02); /* asid match */
1568 }
1569
1570 static int aarch64_add_hybrid_breakpoint(struct target *target,
1571 struct breakpoint *breakpoint)
1572 {
1573 struct aarch64_common *aarch64 = target_to_aarch64(target);
1574
1575 if ((breakpoint->type == BKPT_HARD) && (aarch64->brp_num_available < 1)) {
1576 LOG_INFO("no hardware breakpoint available");
1577 return ERROR_TARGET_RESOURCE_NOT_AVAILABLE;
1578 }
1579
1580 if (breakpoint->type == BKPT_HARD)
1581 aarch64->brp_num_available--;
1582
1583 return aarch64_set_hybrid_breakpoint(target, breakpoint); /* ??? */
1584 }
1585
1586
1587 static int aarch64_remove_breakpoint(struct target *target, struct breakpoint *breakpoint)
1588 {
1589 struct aarch64_common *aarch64 = target_to_aarch64(target);
1590
1591 #if 0
1592 /* It is perfectly possible to remove breakpoints while the target is running */
1593 if (target->state != TARGET_HALTED) {
1594 LOG_WARNING("target not halted");
1595 return ERROR_TARGET_NOT_HALTED;
1596 }
1597 #endif
1598
1599 if (breakpoint->set) {
1600 aarch64_unset_breakpoint(target, breakpoint);
1601 if (breakpoint->type == BKPT_HARD)
1602 aarch64->brp_num_available++;
1603 }
1604
1605 return ERROR_OK;
1606 }
1607
1608 /*
1609 * Cortex-A8 Reset functions
1610 */
1611
1612 static int aarch64_assert_reset(struct target *target)
1613 {
1614 struct armv8_common *armv8 = target_to_armv8(target);
1615
1616 LOG_DEBUG(" ");
1617
1618 /* FIXME when halt is requested, make it work somehow... */
1619
1620 /* Issue some kind of warm reset. */
1621 if (target_has_event_action(target, TARGET_EVENT_RESET_ASSERT))
1622 target_handle_event(target, TARGET_EVENT_RESET_ASSERT);
1623 else if (jtag_get_reset_config() & RESET_HAS_SRST) {
1624 /* REVISIT handle "pulls" cases, if there's
1625 * hardware that needs them to work.
1626 */
1627 jtag_add_reset(0, 1);
1628 } else {
1629 LOG_ERROR("%s: how to reset?", target_name(target));
1630 return ERROR_FAIL;
1631 }
1632
1633 /* registers are now invalid */
1634 if (target_was_examined(target)) {
1635 register_cache_invalidate(armv8->arm.core_cache);
1636 register_cache_invalidate(armv8->arm.core_cache->next);
1637 }
1638
1639 target->state = TARGET_RESET;
1640
1641 return ERROR_OK;
1642 }
1643
1644 static int aarch64_deassert_reset(struct target *target)
1645 {
1646 int retval;
1647
1648 LOG_DEBUG(" ");
1649
1650 /* be certain SRST is off */
1651 jtag_add_reset(0, 0);
1652
1653 if (!target_was_examined(target))
1654 return ERROR_OK;
1655
1656 retval = aarch64_poll(target);
1657 if (retval != ERROR_OK)
1658 return retval;
1659
1660 if (target->reset_halt) {
1661 if (target->state != TARGET_HALTED) {
1662 LOG_WARNING("%s: ran after reset and before halt ...",
1663 target_name(target));
1664 retval = target_halt(target);
1665 if (retval != ERROR_OK)
1666 return retval;
1667 }
1668 }
1669
1670 return aarch64_init_debug_access(target);
1671 }
1672
1673 static int aarch64_write_apb_ap_memory(struct target *target,
1674 uint64_t address, uint32_t size,
1675 uint32_t count, const uint8_t *buffer)
1676 {
1677 /* write memory through APB-AP */
1678 int retval = ERROR_COMMAND_SYNTAX_ERROR;
1679 struct armv8_common *armv8 = target_to_armv8(target);
1680 struct arm_dpm *dpm = &armv8->dpm;
1681 struct arm *arm = &armv8->arm;
1682 int total_bytes = count * size;
1683 int total_u32;
1684 int start_byte = address & 0x3;
1685 int end_byte = (address + total_bytes) & 0x3;
1686 struct reg *reg;
1687 uint32_t dscr;
1688 uint8_t *tmp_buff = NULL;
1689
1690 if (target->state != TARGET_HALTED) {
1691 LOG_WARNING("target not halted");
1692 return ERROR_TARGET_NOT_HALTED;
1693 }
1694
1695 total_u32 = DIV_ROUND_UP((address & 3) + total_bytes, 4);
1696
1697 /* Mark register R0 as dirty, as it will be used
1698 * for transferring the data.
1699 * It will be restored automatically when exiting
1700 * debug mode
1701 */
1702 reg = armv8_reg_current(arm, 1);
1703 reg->dirty = true;
1704
1705 reg = armv8_reg_current(arm, 0);
1706 reg->dirty = true;
1707
1708 /* This algorithm comes from DDI0487A.g, chapter J9.1 */
1709
1710 /* The algorithm only copies 32 bit words, so the buffer
1711 * should be expanded to include the words at either end.
1712 * The first and last words will be read first to avoid
1713 * corruption if needed.
1714 */
1715 tmp_buff = malloc(total_u32 * 4);
1716
1717 if ((start_byte != 0) && (total_u32 > 1)) {
1718 /* First bytes not aligned - read the 32 bit word to avoid corrupting
1719 * the other bytes in the word.
1720 */
1721 retval = aarch64_read_apb_ap_memory(target, (address & ~0x3), 4, 1, tmp_buff);
1722 if (retval != ERROR_OK)
1723 goto error_free_buff_w;
1724 }
1725
1726 /* If end of write is not aligned, or the write is less than 4 bytes */
1727 if ((end_byte != 0) ||
1728 ((total_u32 == 1) && (total_bytes != 4))) {
1729
1730 /* Read the last word to avoid corruption during 32 bit write */
1731 int mem_offset = (total_u32-1) * 4;
1732 retval = aarch64_read_apb_ap_memory(target, (address & ~0x3) + mem_offset, 4, 1, &tmp_buff[mem_offset]);
1733 if (retval != ERROR_OK)
1734 goto error_free_buff_w;
1735 }
1736
1737 /* Copy the write buffer over the top of the temporary buffer */
1738 memcpy(&tmp_buff[start_byte], buffer, total_bytes);
1739
1740 /* We now have a 32 bit aligned buffer that can be written */
1741
1742 /* Read DSCR */
1743 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
1744 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
1745 if (retval != ERROR_OK)
1746 goto error_free_buff_w;
1747
1748 /* Set Normal access mode */
1749 dscr = (dscr & ~DSCR_MA);
1750 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
1751 armv8->debug_base + CPUV8_DBG_DSCR, dscr);
1752
1753 if (arm->core_state == ARM_STATE_AARCH64) {
1754 /* Write X0 with value 'address' using write procedure */
1755 /* Step 1.a+b - Write the address for read access into DBGDTR_EL0 */
1756 /* Step 1.c - Copy value from DTR to R0 using instruction mrs DBGDTR_EL0, x0 */
1757 retval = dpm->instr_write_data_dcc_64(dpm,
1758 ARMV8_MRS(SYSTEM_DBG_DBGDTR_EL0, 0), address & ~0x3ULL);
1759 } else {
1760 /* Write R0 with value 'address' using write procedure */
1761 /* Step 1.a+b - Write the address for read access into DBGDTRRX */
1762 /* Step 1.c - Copy value from DTR to R0 using instruction mrc DBGDTRTXint, r0 */
1763 dpm->instr_write_data_dcc(dpm,
1764 ARMV4_5_MRC(14, 0, 0, 0, 5, 0), address & ~0x3ULL);
1765
1766 }
1767 /* Step 1.d - Change DCC to memory mode */
1768 dscr = dscr | DSCR_MA;
1769 retval += mem_ap_write_atomic_u32(armv8->debug_ap,
1770 armv8->debug_base + CPUV8_DBG_DSCR, dscr);
1771 if (retval != ERROR_OK)
1772 goto error_unset_dtr_w;
1773
1774
1775 /* Step 2.a - Do the write */
1776 retval = mem_ap_write_buf_noincr(armv8->debug_ap,
1777 tmp_buff, 4, total_u32, armv8->debug_base + CPUV8_DBG_DTRRX);
1778 if (retval != ERROR_OK)
1779 goto error_unset_dtr_w;
1780
1781 /* Step 3.a - Switch DTR mode back to Normal mode */
1782 dscr = (dscr & ~DSCR_MA);
1783 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
1784 armv8->debug_base + CPUV8_DBG_DSCR, dscr);
1785 if (retval != ERROR_OK)
1786 goto error_unset_dtr_w;
1787
1788 /* Check for sticky abort flags in the DSCR */
1789 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
1790 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
1791 if (retval != ERROR_OK)
1792 goto error_free_buff_w;
1793
1794 dpm->dscr = dscr;
1795 if (dscr & (DSCR_ERR | DSCR_SYS_ERROR_PEND)) {
1796 /* Abort occurred - clear it and exit */
1797 LOG_ERROR("abort occurred - dscr = 0x%08" PRIx32, dscr);
1798 armv8_dpm_handle_exception(dpm);
1799 goto error_free_buff_w;
1800 }
1801
1802 /* Done */
1803 free(tmp_buff);
1804 return ERROR_OK;
1805
1806 error_unset_dtr_w:
1807 /* Unset DTR mode */
1808 mem_ap_read_atomic_u32(armv8->debug_ap,
1809 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
1810 dscr = (dscr & ~DSCR_MA);
1811 mem_ap_write_atomic_u32(armv8->debug_ap,
1812 armv8->debug_base + CPUV8_DBG_DSCR, dscr);
1813 error_free_buff_w:
1814 LOG_ERROR("error");
1815 free(tmp_buff);
1816 return ERROR_FAIL;
1817 }
1818
1819 static int aarch64_read_apb_ap_memory(struct target *target,
1820 target_addr_t address, uint32_t size,
1821 uint32_t count, uint8_t *buffer)
1822 {
1823 /* read memory through APB-AP */
1824 int retval = ERROR_COMMAND_SYNTAX_ERROR;
1825 struct armv8_common *armv8 = target_to_armv8(target);
1826 struct arm_dpm *dpm = &armv8->dpm;
1827 struct arm *arm = &armv8->arm;
1828 int total_bytes = count * size;
1829 int total_u32;
1830 int start_byte = address & 0x3;
1831 int end_byte = (address + total_bytes) & 0x3;
1832 struct reg *reg;
1833 uint32_t dscr;
1834 uint8_t *tmp_buff = NULL;
1835 uint8_t *u8buf_ptr;
1836 uint32_t value;
1837
1838 if (target->state != TARGET_HALTED) {
1839 LOG_WARNING("target not halted");
1840 return ERROR_TARGET_NOT_HALTED;
1841 }
1842
1843 total_u32 = DIV_ROUND_UP((address & 3) + total_bytes, 4);
1844 /* Mark register X0, X1 as dirty, as it will be used
1845 * for transferring the data.
1846 * It will be restored automatically when exiting
1847 * debug mode
1848 */
1849 reg = armv8_reg_current(arm, 1);
1850 reg->dirty = true;
1851
1852 reg = armv8_reg_current(arm, 0);
1853 reg->dirty = true;
1854
1855 /* Read DSCR */
1856 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
1857 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
1858
1859 /* This algorithm comes from DDI0487A.g, chapter J9.1 */
1860
1861 /* Set Normal access mode */
1862 dscr = (dscr & ~DSCR_MA);
1863 retval += mem_ap_write_atomic_u32(armv8->debug_ap,
1864 armv8->debug_base + CPUV8_DBG_DSCR, dscr);
1865
1866 if (arm->core_state == ARM_STATE_AARCH64) {
1867 /* Write X0 with value 'address' using write procedure */
1868 /* Step 1.a+b - Write the address for read access into DBGDTR_EL0 */
1869 /* Step 1.c - Copy value from DTR to R0 using instruction mrs DBGDTR_EL0, x0 */
1870 retval += dpm->instr_write_data_dcc_64(dpm,
1871 ARMV8_MRS(SYSTEM_DBG_DBGDTR_EL0, 0), address & ~0x3ULL);
1872 /* Step 1.d - Dummy operation to ensure EDSCR.Txfull == 1 */
1873 retval += dpm->instr_execute(dpm, ARMV8_MSR_GP(SYSTEM_DBG_DBGDTR_EL0, 0));
1874 /* Step 1.e - Change DCC to memory mode */
1875 dscr = dscr | DSCR_MA;
1876 retval += mem_ap_write_atomic_u32(armv8->debug_ap,
1877 armv8->debug_base + CPUV8_DBG_DSCR, dscr);
1878 /* Step 1.f - read DBGDTRTX and discard the value */
1879 retval += mem_ap_read_atomic_u32(armv8->debug_ap,
1880 armv8->debug_base + CPUV8_DBG_DTRTX, &value);
1881 } else {
1882 /* Write R0 with value 'address' using write procedure */
1883 /* Step 1.a+b - Write the address for read access into DBGDTRRXint */
1884 /* Step 1.c - Copy value from DTR to R0 using instruction mrc DBGDTRTXint, r0 */
1885 retval += dpm->instr_write_data_dcc(dpm,
1886 ARMV4_5_MRC(14, 0, 0, 0, 5, 0), address & ~0x3ULL);
1887 /* Step 1.d - Dummy operation to ensure EDSCR.Txfull == 1 */
1888 retval += dpm->instr_execute(dpm, ARMV4_5_MCR(14, 0, 0, 0, 5, 0));
1889 /* Step 1.e - Change DCC to memory mode */
1890 dscr = dscr | DSCR_MA;
1891 retval += mem_ap_write_atomic_u32(armv8->debug_ap,
1892 armv8->debug_base + CPUV8_DBG_DSCR, dscr);
1893 /* Step 1.f - read DBGDTRTX and discard the value */
1894 retval += mem_ap_read_atomic_u32(armv8->debug_ap,
1895 armv8->debug_base + CPUV8_DBG_DTRTX, &value);
1896
1897 }
1898 if (retval != ERROR_OK)
1899 goto error_unset_dtr_r;
1900
1901 /* Optimize the read as much as we can, either way we read in a single pass */
1902 if ((start_byte) || (end_byte)) {
1903 /* The algorithm only copies 32 bit words, so the buffer
1904 * should be expanded to include the words at either end.
1905 * The first and last words will be read into a temp buffer
1906 * to avoid corruption
1907 */
1908 tmp_buff = malloc(total_u32 * 4);
1909 if (!tmp_buff)
1910 goto error_unset_dtr_r;
1911
1912 /* use the tmp buffer to read the entire data */
1913 u8buf_ptr = tmp_buff;
1914 } else
1915 /* address and read length are aligned so read directly into the passed buffer */
1916 u8buf_ptr = buffer;
1917
1918 /* Read the data - Each read of the DTRTX register causes the instruction to be reissued
1919 * Abort flags are sticky, so can be read at end of transactions
1920 *
1921 * This data is read in aligned to 32 bit boundary.
1922 */
1923
1924 /* Step 2.a - Loop n-1 times, each read of DBGDTRTX reads the data from [X0] and
1925 * increments X0 by 4. */
1926 retval = mem_ap_read_buf_noincr(armv8->debug_ap, u8buf_ptr, 4, total_u32-1,
1927 armv8->debug_base + CPUV8_DBG_DTRTX);
1928 if (retval != ERROR_OK)
1929 goto error_unset_dtr_r;
1930
1931 /* Step 3.a - set DTR access mode back to Normal mode */
1932 dscr = (dscr & ~DSCR_MA);
1933 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
1934 armv8->debug_base + CPUV8_DBG_DSCR, dscr);
1935 if (retval != ERROR_OK)
1936 goto error_free_buff_r;
1937
1938 /* Step 3.b - read DBGDTRTX for the final value */
1939 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
1940 armv8->debug_base + CPUV8_DBG_DTRTX, &value);
1941 memcpy(u8buf_ptr + (total_u32-1) * 4, &value, 4);
1942
1943 /* Check for sticky abort flags in the DSCR */
1944 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
1945 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
1946 if (retval != ERROR_OK)
1947 goto error_free_buff_r;
1948
1949 dpm->dscr = dscr;
1950
1951 if (dscr & (DSCR_ERR | DSCR_SYS_ERROR_PEND)) {
1952 /* Abort occurred - clear it and exit */
1953 LOG_ERROR("abort occurred - dscr = 0x%08" PRIx32, dscr);
1954 armv8_dpm_handle_exception(dpm);
1955 goto error_free_buff_r;
1956 }
1957
1958 /* check if we need to copy aligned data by applying any shift necessary */
1959 if (tmp_buff) {
1960 memcpy(buffer, tmp_buff + start_byte, total_bytes);
1961 free(tmp_buff);
1962 }
1963
1964 /* Done */
1965 return ERROR_OK;
1966
1967 error_unset_dtr_r:
1968 /* Unset DTR mode */
1969 mem_ap_read_atomic_u32(armv8->debug_ap,
1970 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
1971 dscr = (dscr & ~DSCR_MA);
1972 mem_ap_write_atomic_u32(armv8->debug_ap,
1973 armv8->debug_base + CPUV8_DBG_DSCR, dscr);
1974 error_free_buff_r:
1975 LOG_ERROR("error");
1976 free(tmp_buff);
1977 return ERROR_FAIL;
1978 }
1979
1980 static int aarch64_read_phys_memory(struct target *target,
1981 target_addr_t address, uint32_t size,
1982 uint32_t count, uint8_t *buffer)
1983 {
1984 int retval = ERROR_COMMAND_SYNTAX_ERROR;
1985
1986 if (count && buffer) {
1987 /* read memory through APB-AP */
1988 retval = aarch64_mmu_modify(target, 0);
1989 if (retval != ERROR_OK)
1990 return retval;
1991 retval = aarch64_read_apb_ap_memory(target, address, size, count, buffer);
1992 }
1993 return retval;
1994 }
1995
1996 static int aarch64_read_memory(struct target *target, target_addr_t address,
1997 uint32_t size, uint32_t count, uint8_t *buffer)
1998 {
1999 int mmu_enabled = 0;
2000 int retval;
2001
2002 /* determine if MMU was enabled on target stop */
2003 retval = aarch64_mmu(target, &mmu_enabled);
2004 if (retval != ERROR_OK)
2005 return retval;
2006
2007 if (mmu_enabled) {
2008 /* enable MMU as we could have disabled it for phys access */
2009 retval = aarch64_mmu_modify(target, 1);
2010 if (retval != ERROR_OK)
2011 return retval;
2012 }
2013 return aarch64_read_apb_ap_memory(target, address, size, count, buffer);
2014 }
2015
2016 static int aarch64_write_phys_memory(struct target *target,
2017 target_addr_t address, uint32_t size,
2018 uint32_t count, const uint8_t *buffer)
2019 {
2020 int retval = ERROR_COMMAND_SYNTAX_ERROR;
2021
2022 if (count && buffer) {
2023 /* write memory through APB-AP */
2024 retval = aarch64_mmu_modify(target, 0);
2025 if (retval != ERROR_OK)
2026 return retval;
2027 return aarch64_write_apb_ap_memory(target, address, size, count, buffer);
2028 }
2029
2030 return retval;
2031 }
2032
2033 static int aarch64_write_memory(struct target *target, target_addr_t address,
2034 uint32_t size, uint32_t count, const uint8_t *buffer)
2035 {
2036 int mmu_enabled = 0;
2037 int retval;
2038
2039 /* determine if MMU was enabled on target stop */
2040 retval = aarch64_mmu(target, &mmu_enabled);
2041 if (retval != ERROR_OK)
2042 return retval;
2043
2044 if (mmu_enabled) {
2045 /* enable MMU as we could have disabled it for phys access */
2046 retval = aarch64_mmu_modify(target, 1);
2047 if (retval != ERROR_OK)
2048 return retval;
2049 }
2050 return aarch64_write_apb_ap_memory(target, address, size, count, buffer);
2051 }
2052
2053 static int aarch64_handle_target_request(void *priv)
2054 {
2055 struct target *target = priv;
2056 struct armv8_common *armv8 = target_to_armv8(target);
2057 int retval;
2058
2059 if (!target_was_examined(target))
2060 return ERROR_OK;
2061 if (!target->dbg_msg_enabled)
2062 return ERROR_OK;
2063
2064 if (target->state == TARGET_RUNNING) {
2065 uint32_t request;
2066 uint32_t dscr;
2067 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
2068 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
2069
2070 /* check if we have data */
2071 while ((dscr & DSCR_DTR_TX_FULL) && (retval == ERROR_OK)) {
2072 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
2073 armv8->debug_base + CPUV8_DBG_DTRTX, &request);
2074 if (retval == ERROR_OK) {
2075 target_request(target, request);
2076 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
2077 armv8->debug_base + CPUV8_DBG_DSCR, &dscr);
2078 }
2079 }
2080 }
2081
2082 return ERROR_OK;
2083 }
2084
2085 static int aarch64_examine_first(struct target *target)
2086 {
2087 struct aarch64_common *aarch64 = target_to_aarch64(target);
2088 struct armv8_common *armv8 = &aarch64->armv8_common;
2089 struct adiv5_dap *swjdp = armv8->arm.dap;
2090 uint32_t cti_base;
2091 int i;
2092 int retval = ERROR_OK;
2093 uint64_t debug, ttypr;
2094 uint32_t cpuid;
2095 uint32_t tmp0, tmp1;
2096 debug = ttypr = cpuid = 0;
2097
2098 retval = dap_dp_init(swjdp);
2099 if (retval != ERROR_OK)
2100 return retval;
2101
2102 /* Search for the APB-AB - it is needed for access to debug registers */
2103 retval = dap_find_ap(swjdp, AP_TYPE_APB_AP, &armv8->debug_ap);
2104 if (retval != ERROR_OK) {
2105 LOG_ERROR("Could not find APB-AP for debug access");
2106 return retval;
2107 }
2108
2109 retval = mem_ap_init(armv8->debug_ap);
2110 if (retval != ERROR_OK) {
2111 LOG_ERROR("Could not initialize the APB-AP");
2112 return retval;
2113 }
2114
2115 armv8->debug_ap->memaccess_tck = 10;
2116
2117 if (!target->dbgbase_set) {
2118 uint32_t dbgbase;
2119 /* Get ROM Table base */
2120 uint32_t apid;
2121 int32_t coreidx = target->coreid;
2122 retval = dap_get_debugbase(armv8->debug_ap, &dbgbase, &apid);
2123 if (retval != ERROR_OK)
2124 return retval;
2125 /* Lookup 0x15 -- Processor DAP */
2126 retval = dap_lookup_cs_component(armv8->debug_ap, dbgbase, 0x15,
2127 &armv8->debug_base, &coreidx);
2128 if (retval != ERROR_OK)
2129 return retval;
2130 LOG_DEBUG("Detected core %" PRId32 " dbgbase: %08" PRIx32
2131 " apid: %08" PRIx32, coreidx, armv8->debug_base, apid);
2132 } else
2133 armv8->debug_base = target->dbgbase;
2134
2135 uint32_t prsr;
2136 int64_t then = timeval_ms();
2137 do {
2138 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
2139 armv8->debug_base + CPUV8_DBG_PRSR, &prsr);
2140 if (retval == ERROR_OK) {
2141 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
2142 armv8->debug_base + CPUV8_DBG_PRCR, PRCR_COREPURQ|PRCR_CORENPDRQ);
2143 if (retval != ERROR_OK) {
2144 LOG_DEBUG("write to PRCR failed");
2145 break;
2146 }
2147 }
2148
2149 if (timeval_ms() > then + 1000) {
2150 retval = ERROR_TARGET_TIMEOUT;
2151 break;
2152 }
2153
2154 } while ((prsr & PRSR_PU) == 0);
2155
2156 if (retval != ERROR_OK) {
2157 LOG_ERROR("target %s: failed to set power state of the core.", target_name(target));
2158 return retval;
2159 }
2160
2161 retval = mem_ap_write_atomic_u32(armv8->debug_ap,
2162 armv8->debug_base + CPUV8_DBG_OSLAR, 0);
2163 if (retval != ERROR_OK) {
2164 LOG_DEBUG("Examine %s failed", "oslock");
2165 return retval;
2166 }
2167
2168 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
2169 armv8->debug_base + CPUV8_DBG_MAINID0, &cpuid);
2170 if (retval != ERROR_OK) {
2171 LOG_DEBUG("Examine %s failed", "CPUID");
2172 return retval;
2173 }
2174
2175 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
2176 armv8->debug_base + CPUV8_DBG_MEMFEATURE0, &tmp0);
2177 retval += mem_ap_read_atomic_u32(armv8->debug_ap,
2178 armv8->debug_base + CPUV8_DBG_MEMFEATURE0 + 4, &tmp1);
2179 if (retval != ERROR_OK) {
2180 LOG_DEBUG("Examine %s failed", "Memory Model Type");
2181 return retval;
2182 }
2183 ttypr |= tmp1;
2184 ttypr = (ttypr << 32) | tmp0;
2185
2186 retval = mem_ap_read_atomic_u32(armv8->debug_ap,
2187 armv8->debug_base + CPUV8_DBG_DBGFEATURE0, &tmp0);
2188 retval += mem_ap_read_atomic_u32(armv8->debug_ap,
2189 armv8->debug_base + CPUV8_DBG_DBGFEATURE0 + 4, &tmp1);
2190 if (retval != ERROR_OK) {
2191 LOG_DEBUG("Examine %s failed", "ID_AA64DFR0_EL1");
2192 return retval;
2193 }
2194 debug |= tmp1;
2195 debug = (debug << 32) | tmp0;
2196
2197 LOG_DEBUG("cpuid = 0x%08" PRIx32, cpuid);
2198 LOG_DEBUG("ttypr = 0x%08" PRIx64, ttypr);
2199 LOG_DEBUG("debug = 0x%08" PRIx64, debug);
2200
2201 if (target->ctibase == 0) {
2202 /* assume a v8 rom table layout */
2203 cti_base = armv8->debug_base + 0x10000;
2204 LOG_INFO("Target ctibase is not set, assuming 0x%0" PRIx32, cti_base);
2205 } else
2206 cti_base = target->ctibase;
2207
2208 armv8->cti = arm_cti_create(armv8->debug_ap, cti_base);
2209 if (armv8->cti == NULL)
2210 return ERROR_FAIL;
2211
2212 retval = aarch64_dpm_setup(aarch64, debug);
2213 if (retval != ERROR_OK)
2214 return retval;
2215
2216 /* Setup Breakpoint Register Pairs */
2217 aarch64->brp_num = (uint32_t)((debug >> 12) & 0x0F) + 1;
2218 aarch64->brp_num_context = (uint32_t)((debug >> 28) & 0x0F) + 1;
2219 aarch64->brp_num_available = aarch64->brp_num;
2220 aarch64->brp_list = calloc(aarch64->brp_num, sizeof(struct aarch64_brp));
2221 for (i = 0; i < aarch64->brp_num; i++) {
2222 aarch64->brp_list[i].used = 0;
2223 if (i < (aarch64->brp_num-aarch64->brp_num_context))
2224 aarch64->brp_list[i].type = BRP_NORMAL;
2225 else
2226 aarch64->brp_list[i].type = BRP_CONTEXT;
2227 aarch64->brp_list[i].value = 0;
2228 aarch64->brp_list[i].control = 0;
2229 aarch64->brp_list[i].BRPn = i;
2230 }
2231
2232 LOG_DEBUG("Configured %i hw breakpoints", aarch64->brp_num);
2233
2234 target->state = TARGET_RUNNING;
2235 target->debug_reason = DBG_REASON_NOTHALTED;
2236
2237 target_set_examined(target);
2238 return ERROR_OK;
2239 }
2240
2241 static int aarch64_examine(struct target *target)
2242 {
2243 int retval = ERROR_OK;
2244
2245 /* don't re-probe hardware after each reset */
2246 if (!target_was_examined(target))
2247 retval = aarch64_examine_first(target);
2248
2249 /* Configure core debug access */
2250 if (retval == ERROR_OK)
2251 retval = aarch64_init_debug_access(target);
2252
2253 return retval;
2254 }
2255
2256 /*
2257 * Cortex-A8 target creation and initialization
2258 */
2259
2260 static int aarch64_init_target(struct command_context *cmd_ctx,
2261 struct target *target)
2262 {
2263 /* examine_first() does a bunch of this */
2264 return ERROR_OK;
2265 }
2266
2267 static int aarch64_init_arch_info(struct target *target,
2268 struct aarch64_common *aarch64, struct jtag_tap *tap)
2269 {
2270 struct armv8_common *armv8 = &aarch64->armv8_common;
2271
2272 /* Setup struct aarch64_common */
2273 aarch64->common_magic = AARCH64_COMMON_MAGIC;
2274 /* tap has no dap initialized */
2275 if (!tap->dap) {
2276 tap->dap = dap_init();
2277 tap->dap->tap = tap;
2278 }
2279 armv8->arm.dap = tap->dap;
2280
2281 /* register arch-specific functions */
2282 armv8->examine_debug_reason = NULL;
2283 armv8->post_debug_entry = aarch64_post_debug_entry;
2284 armv8->pre_restore_context = NULL;
2285 armv8->armv8_mmu.read_physical_memory = aarch64_read_phys_memory;
2286
2287 armv8_init_arch_info(target, armv8);
2288 target_register_timer_callback(aarch64_handle_target_request, 1, 1, target);
2289
2290 return ERROR_OK;
2291 }
2292
2293 static int aarch64_target_create(struct target *target, Jim_Interp *interp)
2294 {
2295 struct aarch64_common *aarch64 = calloc(1, sizeof(struct aarch64_common));
2296
2297 return aarch64_init_arch_info(target, aarch64, target->tap);
2298 }
2299
2300 static int aarch64_mmu(struct target *target, int *enabled)
2301 {
2302 if (target->state != TARGET_HALTED) {
2303 LOG_ERROR("%s: target %s not halted", __func__, target_name(target));
2304 return ERROR_TARGET_INVALID;
2305 }
2306
2307 *enabled = target_to_aarch64(target)->armv8_common.armv8_mmu.mmu_enabled;
2308 return ERROR_OK;
2309 }
2310
2311 static int aarch64_virt2phys(struct target *target, target_addr_t virt,
2312 target_addr_t *phys)
2313 {
2314 return armv8_mmu_translate_va_pa(target, virt, phys, 1);
2315 }
2316
2317 COMMAND_HANDLER(aarch64_handle_cache_info_command)
2318 {
2319 struct target *target = get_current_target(CMD_CTX);
2320 struct armv8_common *armv8 = target_to_armv8(target);
2321
2322 return armv8_handle_cache_info_command(CMD_CTX,
2323 &armv8->armv8_mmu.armv8_cache);
2324 }
2325
2326
2327 COMMAND_HANDLER(aarch64_handle_dbginit_command)
2328 {
2329 struct target *target = get_current_target(CMD_CTX);
2330 if (!target_was_examined(target)) {
2331 LOG_ERROR("target not examined yet");
2332 return ERROR_FAIL;
2333 }
2334
2335 return aarch64_init_debug_access(target);
2336 }
2337 COMMAND_HANDLER(aarch64_handle_smp_off_command)
2338 {
2339 struct target *target = get_current_target(CMD_CTX);
2340 /* check target is an smp target */
2341 struct target_list *head;
2342 struct target *curr;
2343 head = target->head;
2344 target->smp = 0;
2345 if (head != (struct target_list *)NULL) {
2346 while (head != (struct target_list *)NULL) {
2347 curr = head->target;
2348 curr->smp = 0;
2349 head = head->next;
2350 }
2351 /* fixes the target display to the debugger */
2352 target->gdb_service->target = target;
2353 }
2354 return ERROR_OK;
2355 }
2356
2357 COMMAND_HANDLER(aarch64_handle_smp_on_command)
2358 {
2359 struct target *target = get_current_target(CMD_CTX);
2360 struct target_list *head;
2361 struct target *curr;
2362 head = target->head;
2363 if (head != (struct target_list *)NULL) {
2364 target->smp = 1;
2365 while (head != (struct target_list *)NULL) {
2366 curr = head->target;
2367 curr->smp = 1;
2368 head = head->next;
2369 }
2370 }
2371 return ERROR_OK;
2372 }
2373
2374 static const struct command_registration aarch64_exec_command_handlers[] = {
2375 {
2376 .name = "cache_info",
2377 .handler = aarch64_handle_cache_info_command,
2378 .mode = COMMAND_EXEC,
2379 .help = "display information about target caches",
2380 .usage = "",
2381 },
2382 {
2383 .name = "dbginit",
2384 .handler = aarch64_handle_dbginit_command,
2385 .mode = COMMAND_EXEC,
2386 .help = "Initialize core debug",
2387 .usage = "",
2388 },
2389 { .name = "smp_off",
2390 .handler = aarch64_handle_smp_off_command,
2391 .mode = COMMAND_EXEC,
2392 .help = "Stop smp handling",
2393 .usage = "",
2394 },
2395 {
2396 .name = "smp_on",
2397 .handler = aarch64_handle_smp_on_command,
2398 .mode = COMMAND_EXEC,
2399 .help = "Restart smp handling",
2400 .usage = "",
2401 },
2402
2403 COMMAND_REGISTRATION_DONE
2404 };
2405 static const struct command_registration aarch64_command_handlers[] = {
2406 {
2407 .chain = armv8_command_handlers,
2408 },
2409 {
2410 .name = "aarch64",
2411 .mode = COMMAND_ANY,
2412 .help = "Aarch64 command group",
2413 .usage = "",
2414 .chain = aarch64_exec_command_handlers,
2415 },
2416 COMMAND_REGISTRATION_DONE
2417 };
2418
2419 struct target_type aarch64_target = {
2420 .name = "aarch64",
2421
2422 .poll = aarch64_poll,
2423 .arch_state = armv8_arch_state,
2424
2425 .halt = aarch64_halt,
2426 .resume = aarch64_resume,
2427 .step = aarch64_step,
2428
2429 .assert_reset = aarch64_assert_reset,
2430 .deassert_reset = aarch64_deassert_reset,
2431
2432 /* REVISIT allow exporting VFP3 registers ... */
2433 .get_gdb_reg_list = armv8_get_gdb_reg_list,
2434
2435 .read_memory = aarch64_read_memory,
2436 .write_memory = aarch64_write_memory,
2437
2438 .add_breakpoint = aarch64_add_breakpoint,
2439 .add_context_breakpoint = aarch64_add_context_breakpoint,
2440 .add_hybrid_breakpoint = aarch64_add_hybrid_breakpoint,
2441 .remove_breakpoint = aarch64_remove_breakpoint,
2442 .add_watchpoint = NULL,
2443 .remove_watchpoint = NULL,
2444
2445 .commands = aarch64_command_handlers,
2446 .target_create = aarch64_target_create,
2447 .init_target = aarch64_init_target,
2448 .examine = aarch64_examine,
2449
2450 .read_phys_memory = aarch64_read_phys_memory,
2451 .write_phys_memory = aarch64_write_phys_memory,
2452 .mmu = aarch64_mmu,
2453 .virt2phys = aarch64_virt2phys,
2454 };
Official OpenOCD Mirror