https://community.nxp.com/t5/Kinetis-Microcontrollers/How-to-program-the-first-40KB-by-program/m-p/1582697#M64579 <P>Thanks.</P><P>I want to test the backdoor key,and I've modified the flash configuiration in startup_MK64F12.s as below</P><LI-CODE lang="markup">__FlashConfig DCD 0xAAAAAAAA /* 8 bytes backdoor comparison key */ DCD 0xAAAAAAAA /* */ DCD 0xFFFFFFFF /* 4 bytes program flash protection bytes */ DCD 0xFFFF7FBF /* FDPROT:FEPROT:FOPT:FSEC(0xBF = secure) */ __FlashConfig_End</LI-CODE><P>&nbsp;but&nbsp;<SPAN>FLASH_GetSecurityState()&nbsp; always return unsecure,any step that I've missed?</SPAN></P> Sat, 14 Jan 2023 04:46:24 GMT jake111 2023-01-14T04:46:24Z https://community.nxp.com/t5/Kinetis-Microcontrollers/How-to-program-the-first-40KB-by-program/m-p/1581533#M64568 <P>My program consists of bootloader(0~0xA000) and the program starts from 0xA000.</P><P>The bootloader is used to update the firmware,but sometimes I want to update the bootloader firmware by the program after 0xA000.</P><P>But an error occurs when I call FLASH_ERASE(&amp;flashstate, 0, 0xA000, Key) and flash protection bytes(0x400-0x40F) are set.It seems the first serveral sectors are not allowed to erase.How can I program bootloader?</P><P>&nbsp;</P><P>FLASH_GetSecurityState() always return unsecure,it doesn't seem to be a secure issue?</P> Thu, 12 Jan 2023 10:33:42 GMT https://community.nxp.com/t5/Kinetis-Microcontrollers/How-to-program-the-first-40KB-by-program/m-p/1581533#M64568 jake111 2023-01-12T10:33:42Z https://community.nxp.com/t5/Kinetis-Microcontrollers/How-to-program-the-first-40KB-by-program/m-p/1582549#M64578 <P>Hi&nbsp;<a href="https://community.nxp.com/t5/user/viewprofilepage/user-id/206427">@jake111</a>&nbsp;</P> <P>I recommend you to read Application Note AN2295: Developer's Serial Bootloader. This document has a lot of information about modifying the memory.</P> <P>Let me know if you have another question.</P> <P>Best Regards, Miguel.</P> Fri, 13 Jan 2023 16:36:13 GMT https://community.nxp.com/t5/Kinetis-Microcontrollers/How-to-program-the-first-40KB-by-program/m-p/1582549#M64578 Miguel04 2023-01-13T16:36:13Z https://community.nxp.com/t5/Kinetis-Microcontrollers/How-to-program-the-first-40KB-by-program/m-p/1582697#M64579 <P>Thanks.</P><P>I want to test the backdoor key,and I've modified the flash configuiration in startup_MK64F12.s as below</P><LI-CODE lang="markup">__FlashConfig DCD 0xAAAAAAAA /* 8 bytes backdoor comparison key */ DCD 0xAAAAAAAA /* */ DCD 0xFFFFFFFF /* 4 bytes program flash protection bytes */ DCD 0xFFFF7FBF /* FDPROT:FEPROT:FOPT:FSEC(0xBF = secure) */ __FlashConfig_End</LI-CODE><P>&nbsp;but&nbsp;<SPAN>FLASH_GetSecurityState()&nbsp; always return unsecure,any step that I've missed?</SPAN></P> Sat, 14 Jan 2023 04:46:24 GMT https://community.nxp.com/t5/Kinetis-Microcontrollers/How-to-program-the-first-40KB-by-program/m-p/1582697#M64579 jake111 2023-01-14T04:46:24Z https://community.nxp.com/t5/Kinetis-Microcontrollers/How-to-program-the-first-40KB-by-program/m-p/1586203#M64598 <P>Hi&nbsp;<a href="https://community.nxp.com/t5/user/viewprofilepage/user-id/206427">@jake111</a>&nbsp;</P> <P>I've found this information that could help you:</P> <P>1. Chapter&nbsp;29.4.13.3 on the K64 reference manual mentions how to unsecure the mcu using a backdoor key.</P> <P>2. On the K<SPAN>inetis SDK v.2.0 API Reference Manual, chapter 19.5.11 there is a function called FLASH_SecurityBypass, also on&nbsp;MCU Bootloader v2.5.0 Reference Manual 9.4.7 there is more information of this function.</SPAN></P> <P><SPAN>Let me know if you found this usefull, I'll be looking for more information.</SPAN></P> <P><SPAN>Best Regards, Miguel.</SPAN></P> <P>&nbsp;</P> Fri, 20 Jan 2023 18:06:33 GMT https://community.nxp.com/t5/Kinetis-Microcontrollers/How-to-program-the-first-40KB-by-program/m-p/1586203#M64598 Miguel04 2023-01-20T18:06:33Z