2 * Copyright (c) 2019 Tilman Sauerbeck (tilman at code-monkey de)
4 * Permission is hereby granted, free of charge, to any person obtaining
5 * a copy of this software and associated documentation files (the
6 * "Software"), to deal in the Software without restriction, including
7 * without limitation the rights to use, copy, modify, merge, publish,
8 * distribute, sublicense, and/or sell copies of the Software, and to
9 * permit persons to whom the Software is furnished to do so, subject to
10 * the following conditions:
12 * The above copyright notice and this permission notice shall be
13 * included in all copies or substantial portions of the Software.
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
16 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
17 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
18 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
19 * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
20 * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
21 * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
24 use common::buffer::Buffer;
25 use common::crc32::Crc32;
28 const COMMAND_ERASE : u32 = 0x49e89a20;
29 const COMMAND_PROGRAM : u32 = 0x37f7dc8d;
30 const COMMAND_VERIFY : u32 = 0x4a213efb;
31 const COMMAND_LOADCHUNK : u32 = 0x1b329768;
33 pub struct Bootloader {
36 sector_data: [u8; flash::SECTOR_SIZE],
38 // The number of bytes in sector_data.
39 // This is always 32 bit aligned and never greater than flash::SECTOR_SIZE.
40 sector_data_length: usize,
51 fn usb_serial_read(c: *mut u8) -> bool;
53 static mut cdc_tx_buf: Buffer;
56 fn try_read_u8() -> Option<u8> {
60 if usb_serial_read(&mut c) {
72 while !usb_serial_read(&mut b) {
79 fn read_u32_le() -> u32 {
91 cdc_tx_buf.write(&[b]);
96 fn write_u32_le(u: u32) {
97 let b = u.to_le_bytes();
100 cdc_tx_buf.write(&b);
109 fn write_nak(e: Error) {
114 pub fn new() -> Bootloader {
118 sector_data: [0u8; flash::SECTOR_SIZE],
119 sector_data_length: 0,
123 pub fn run(&mut self) {
124 if self.command_bytes < 4 {
125 if let Some(b) = try_read_u8() {
127 self.command |= (b as u32) << 24;
129 self.command_bytes += 1;
133 if self.command_bytes == 4 {
134 self.command_bytes = 0;
136 self.process_command();
140 fn process_command(&mut self) {
143 if let Err(e) = self.exec_erase() {
149 COMMAND_LOADCHUNK => {
150 if let Err(e) = self.exec_load_sector_data() {
157 let result = self.exec_verify();
159 if let Err(e) = result {
161 } else if let Ok((a, b)) = result {
169 if let Err(e) = self.exec_program() {
176 write_nak(Error::UnknownCommand);
181 fn exec_erase(&mut self) -> Result<(), Error> {
182 let sector = read_u32_le();
185 Err(Error::InvalidArgument)
187 flash::erase(sector);
193 fn exec_load_sector_data(&mut self) -> Result<(), Error> {
194 let num_bytes = read_u32_le() as usize;
197 Err(Error::InvalidArgument)
198 } else if num_bytes > flash::SECTOR_SIZE {
199 Err(Error::InvalidArgument)
200 } else if (num_bytes & 3) != 0 {
201 Err(Error::InvalidArgument)
205 self.sector_data_length = num_bytes;
207 for i in 0..num_bytes {
208 self.sector_data[i] = read_u8();
211 let expected_crc32 = read_u32_le();
213 let chunk = &self.sector_data[0..self.sector_data_length];
215 let mut actual_crc32 = Crc32::new();
216 actual_crc32.update(chunk);
218 if actual_crc32.finish() != expected_crc32 {
219 Err(Error::ChecksumMismatch)
226 fn exec_verify(&mut self) -> Result<(u32, u32), Error> {
227 let sector = read_u32_le();
230 Err(Error::InvalidArgument)
231 } else if self.sector_data_length == 0 {
232 Err(Error::InvalidArgument)
234 let chunk = &self.sector_data[0..self.sector_data_length];
236 Ok(flash::verify(sector, chunk))
240 fn exec_program(&mut self) -> Result<(), Error> {
241 let sector = read_u32_le();
244 Err(Error::InvalidArgument)
245 } else if self.sector_data_length == 0 {
246 Err(Error::InvalidArgument)
248 let chunk = &self.sector_data[0..self.sector_data_length];
250 Ok(flash::program(sector, chunk))