2 * lpcload.c - load firmware into ram of lpc2220 via uart0
4 * author: hackbard@hackdaworld.org, rolf.anders@physik.uni-augsburg.de
7 * usage: sudo ./lpcload -d /dev/ttyS0 -f firmware.hex [-v]
14 #include <sys/types.h>
19 #define VERBOSE (1<<0)
20 #define FIRMWARE (1<<1)
25 #define BANK0_ADDR 0x80000000
26 #define BANK2_ADDR 0x82000000
27 #define BANK_SIZE 0x00100000
28 #define BL_ADDR 0x7fffe000
29 #define BL_SIZE 0x00000800
31 #define CMD_READ 'R' // stay compatible to fwflash!
33 #define TXRX_TYPE_SYNC 0x00
34 #define TXRX_TYPE_CKSM 0x00
35 #define TXRX_TYPE_BAUD 0x01
36 #define TXRX_TYPE_CMD 0x02
37 #define TXRX_TYPE_DATA 0x03
38 #define TXRX_TYPE_GO 0x04
40 #define CMD_SUCCESS "0\r\n"
41 #define INVALID_COMMAND "1\r\n"
42 #define SRC_ADDR_ERROR "2\r\n"
43 #define DST_ADDR_ERROR "3\r\n"
44 #define SRC_ADDR_NOT_MAPPED "4\r\n"
45 #define DST_ADDR_NOT_MAPPED "5\r\n"
46 #define COUNT_ERROR "6\r\n"
47 #define COMPARE_ERROR "10\r\n"
49 #define PARAM_ERROR "12\r\n"
50 #define ADDR_ERROR "13\r\n"
51 #define ADDR_NOT_MAPPED "14\r\n"
52 #define CMD_LOCKED "15\r\n"
53 #define INVALID_CODE "16\r\n"
54 #define INVALID_BAUD_RATE "17\r\n"
55 #define INVALID_STOP_BIT "18\r\n"
57 #define CRYSTFREQ "10000"
58 #define RAMOFFSET 0x40000200
62 typedef unsigned char u8;
63 typedef unsigned short u16;
64 typedef unsigned int u32;
66 typedef struct s_lpc {
67 int sfd; /* serial fd */
68 char sdev[128]; /* seriel device */
69 int fwfd; /* fimrware fd */
70 char fwfile[128]; /* firmware file */
71 u8 info; /* info/mode */
72 char freq[8]; /* frequency */
73 char bank0[127]; /* flash dump bank0 */
74 int b0fd; /* dumpfile fd bank0 */
75 char bank2[127]; /* flash dump bank2 */
76 int b2fd; /* dumpfile fd bank0 */
77 char bl[127]; /* flash dump bootloader */
78 int blfd; /* dumpfile fd bootloader */
79 u32 roff; /* ram offset of uc */
80 u32 jaddr; /* addr for the jump */
85 printf("possible argv:\n");
86 printf(" -d <serial device>\n");
87 printf(" -f <firmware>\n");
88 printf(" -c <crystal freq>\n");
89 printf(" -Dx <filename>\n");
90 printf(" x=0: bank0, x=2: bank2, x=b: bootloader\n");
95 int open_serial_device(t_lpc *lpc) {
99 //memset(&term,0,sizeof(struct termios));
101 /* open serial device */
103 lpc->sfd=open(lpc->sdev,O_RDWR);
109 /* configure the serial device */
111 tcgetattr(lpc->sfd,&term);
113 // input/output baudrate
115 cfsetispeed(&term,B38400);
116 cfsetospeed(&term,B38400);
118 // control options -> 8n1
120 term.c_cflag&=~PARENB; // no parity
121 term.c_cflag&=~CSTOPB; // only 1 stop bit
122 term.c_cflag&=~CSIZE; // no bit mask for data bits
123 term.c_cflag|=CS8; // 8 data bits
125 // line options -> raw input
127 term.c_lflag&=~(ICANON|ECHO|ECHOE|ISIG);
129 // input options -> enable flow control
131 //term.c_iflag&=~(IXON|IXOFF|IXANY|INLCR|ICRNL);
132 term.c_iflag&=~(INLCR|ICRNL|IXANY);
133 term.c_iflag|=(IXON|IXOFF);
139 // more control options -> timeout / flow control
142 term.c_cc[VTIME]=10; // 1 second timeout
143 term.c_cc[VSTART]=0x11;
144 term.c_cc[VSTOP]=0x13;
146 tcsetattr(lpc->sfd,TCSANOW,&term);
151 int open_firmware(t_lpc *lpc) {
153 /* open firmware file */
155 lpc->fwfd=open(lpc->fwfile,O_RDONLY);
163 int open_dumpfiles(t_lpc *lpc) {
167 if(lpc->info&BANK0) {
168 lpc->b0fd=open(lpc->bank0,O_WRONLY|O_CREAT);
170 perror("bank0 dump file open");
175 if(lpc->info&BANK2) {
176 lpc->b2fd=open(lpc->bank2,O_WRONLY|O_CREAT);
178 perror("bank2 dump file open");
184 lpc->blfd=open(lpc->bl,O_WRONLY|O_CREAT);
186 perror("bootloader dump file open");
194 int txrx(t_lpc *lpc,char *buf,int len,u8 type) {
201 if(lpc->info&VERBOSE)
205 ret=write(lpc->sfd,buf+cnt,len);
207 perror("txrx write");
210 if(lpc->info&VERBOSE)
213 ((buf[cnt+i]>0x19)&(buf[cnt+i]<0x7f))?
218 if(lpc->info&VERBOSE) {
221 printf("%02x ",buf[i]);
222 printf("| (%d)\n",cnt);
227 /* cut the echo if not of type auto baud */
229 if(type!=TXRX_TYPE_BAUD) {
231 ret=read(lpc->sfd,buf,cnt);
233 perror("txrx echo cut");
240 /* return if type is go */
242 if(type==TXRX_TYPE_GO)
245 /* return here if type is data */
247 if(type==TXRX_TYPE_DATA)
252 ret=read(lpc->sfd,buf,1);
254 perror("txrx read (first byte)");
272 printf("txrx read: bad return byte '%02x'\n",buf[0]);
279 ret=read(lpc->sfd,buf+1+cnt-i,i);
281 perror("txrx read (next bytes)");
286 if(lpc->info&VERBOSE) {
289 printf("%c",((buf[i]>0x19)&(buf[i]<0x7f))?
293 printf("%02x ",buf[i]);
294 printf("| (%d)\n",cnt+1);
298 /* check/strip return code if type is cmd */
300 if(type==TXRX_TYPE_CMD) {
301 ret=strlen(CMD_SUCCESS);
302 if(!strncmp(buf,CMD_SUCCESS,ret)) {
308 printf("txrx bad return code!\n");
316 int bl_init(t_lpc *lpc) {
321 /* auto baud sequence */
323 txrx(lpc,buf,1,TXRX_TYPE_BAUD);
324 if(strncmp(buf,"Synchronized\r\n",14)) {
325 printf("auto baud detection failed\n");
329 /* tell bl that we are synchronized (it's allready in buf) */
330 txrx(lpc,buf,14,TXRX_TYPE_SYNC);
331 if(strncmp(buf,"OK\r\n",4)) {
332 printf("sync failed\n");
336 /* tell bl the crystal frequency */
337 len=strlen(lpc->freq)+2;
338 strncpy(buf,lpc->freq,BUFSIZE);
341 txrx(lpc,buf,len,TXRX_TYPE_SYNC);
342 if(strncmp(buf,"OK\r\n",4)) {
343 printf("freq set failed\n");
350 int unlock_go(t_lpc *lpc) {
355 memcpy(buf,"U 23130\r\n",9);
356 ret=txrx(lpc,buf,9,TXRX_TYPE_CMD);
366 snprintf(buf,BUFSIZE,"G %d A\r\n",lpc->jaddr);
368 ret=txrx(lpc,buf,len,TXRX_TYPE_GO);
373 int uuencode(u8 *in,u8 *out,int len) {
376 out[1]=0x20+((in[0]>>2)&0x3f);
377 out[2]=0x20+(((in[0]<<4)|(in[1]>>4))&0x3f);
378 out[3]=0x20+(((in[1]<<2)|(in[2]>>6))&0x3f);
379 out[4]=0x20+(in[2]&0x3f);
384 int write_to_ram(t_lpc *lpc,char *buf,u32 addr,int len) {
388 char txrxbuf[BUFSIZE];
395 printf("ram write: not a multiple of 4\n");
399 /* make it a multiple of 3 (reason: uuencode) */
400 nlen=(!(len%3))?len:((len/3+1)*3);
402 printf("ram write: too much data\n");
405 for(i=len;i<nlen;i++) buf[i]=0;
410 /* prepare write command */
411 if(lpc->info&VERBOSE)
412 printf("writing 0x%02x bytes to 0x%08x\n",len,addr);
413 snprintf(txrxbuf,BUFSIZE,"W %d %d\r\n",addr,len);
414 slen=strlen(txrxbuf);
416 /* send command and check return code */
417 txrx(lpc,txrxbuf,slen,TXRX_TYPE_CMD);
426 /* uuencode / prepare data bytes */
427 uuencode((u8 *)(buf+bcnt),(u8 *)(txrxbuf),
428 (bcnt==nlen-3)?(len%3?len%3:3):3);
433 checksum+=((u8)buf[bcnt]+(u8)buf[bcnt+1]+(u8)buf[bcnt+2]);
435 /* send a data line */
436 txrx(lpc,txrxbuf,7,TXRX_TYPE_DATA);
438 /* increase counters */
444 if((!(lcount%20))|(bcnt==nlen)) {
446 memcpy(txrxbuf,"`\r\n",3);
447 //txrx(lpc,txrxbuf,3,TXRX_TYPE_DATA);
449 snprintf(txrxbuf,BUFSIZE,"%d\r\n",checksum);
450 slen=strlen(txrxbuf);
451 txrx(lpc,txrxbuf,slen,TXRX_TYPE_CKSM);
452 if(!strncmp(txrxbuf,"RESE",4)) {
453 read(lpc->sfd,txrxbuf+4,4);
454 printf("ram write: resending ...\n");
457 if(strncmp(txrxbuf,"OK\r\n",4)) {
458 printf("ram write: bad response\n");
461 /* reset checksum & counter */
471 int firmware_to_ram(t_lpc *lpc) {
481 ret=read(lpc->fwfd,buf,1);
491 printf("fw to ram: no ihex format\n");
495 ret=read(lpc->fwfd,buf,2);
496 sscanf(buf,"%02x",&len);
498 ret=read(lpc->fwfd,buf,4);
499 sscanf(buf,"%04x",&addr);
501 ret=read(lpc->fwfd,buf,2);
502 sscanf(buf,"%02x",&type);
503 /* successfull return if type is end of file */
506 /* read data (and cksum) */
507 ret=read(lpc->fwfd,buf,2*(len+1));
508 if(ret!=(2*(len+1))) {
509 printf("fw to ram: data missing\n");
512 for(ret=0;ret<len;ret++) {
513 sscanf(buf+2*ret,"%02x",&temp);
516 /* act according to type */
519 // /* get cs and ip */
523 printf("fw to ram: invalid len\n");
526 write_to_ram(lpc,buf,addr,len);
529 lpc->roff=((buf[0]<<24)|(buf[1]<<16));
532 lpc->jaddr=((buf[0]<<24)|(buf[1]<<16));
533 lpc->jaddr|=((buf[2]<<8)|buf[3]);
536 printf("fw to ram: unknown type %02x\n",type);
544 int lpc_txbuf_flush(t_lpc *lpc) {
550 printf("flushing lpc tx buffer: ");
552 ret=read(lpc->sfd,buf,16);
554 printf("%02x ",buf[i]);
561 int dump_files(int sfd,int dfd,u32 addr,u32 len) {
569 printf("dumping content (addr=0x%08x, len=0x%08x) ...\n",addr,len);
575 buf[1]=(addr>>24)&0xff;
576 buf[2]=(addr>>16)&0xff;
577 buf[3]=(addr>>8)&0xff;
579 buf[5]=(len>>24)&0xff;
580 buf[6]=(len>>16)&0xff;
581 buf[7]=(len>>8)&0xff;
583 printf(" sending cmd: ");
585 ret=write(sfd,buf+cnt,size);
586 for(i=cnt;i<cnt+ret;i++)
587 printf("%02x ",buf[i]);
589 perror("dump file: send cmd ");
597 /* receive data and dump it to file */
600 printf(" receiving data ...\n");
602 ret=read(sfd,buf,16);
604 perror("dump file: read data");
610 ret=write(dfd,buf+cnt,size-cnt);
612 perror("dump file: write data");
623 int main(int argc,char **argv) {
633 memset(&lpc,0,sizeof(t_lpc));
634 strncpy(lpc.freq,CRYSTFREQ,7);
640 for(i=1;i<argc;i++) {
642 if(argv[i][0]!='-') {
649 strncpy(lpc.sdev,argv[++i],127);
652 strncpy(lpc.fwfile,argv[++i],127);
659 strncpy(lpc.freq,argv[++i],7);
662 if(argv[i][2]=='0') {
664 strncpy(lpc.bank0,argv[++i],127);
667 else if(argv[i][2]=='2') {
669 strncpy(lpc.bank2,argv[++i],127);
672 else if(argv[i][2]=='b') {
674 strncpy(lpc.bl,argv[++i],127);
689 /* open serial port */
690 if(open_serial_device(&lpc)<0)
693 /* boot loader init */
694 printf("boot loader init ...\n");
698 /* quit if there is no hex file to process */
699 if(!(lpc.info&FIRMWARE)) {
700 printf("no firmware -> aborting\n");
704 /* open firmware file */
705 if(open_firmware(&lpc)<0)
708 /* open dump files */
709 if(open_dumpfiles(&lpc)<0)
712 /* parse intel hex file and write to ram */
713 printf("write firmware to ram ...\n");
714 firmware_to_ram(&lpc);
717 printf("unlock go command ...\n");
724 /* flush the lpc2220 tx buf */
725 lpc_txbuf_flush(&lpc);
727 /* download flash/bootloader content */
729 dump_files(lpc.sfd,lpc.b0fd,BANK0_ADDR,BANK_SIZE);
731 dump_files(lpc.sfd,lpc.b2fd,BANK2_ADDR,BANK_SIZE);
733 dump_files(lpc.sfd,lpc.blfd,BL_ADDR,BL_SIZE);
projects / my-code / arm.git / blob