K22F Flash Security

取消
显示结果 
显示  仅  | 搜索替代 
您的意思是: 
已解决

K22F Flash Security

跳至解决方案
910 次查看
whata
Contributor III

Hi,

I have a K22F device which contains :

loader application at offset 0x00

primary application at offset x

secondary application at offset y

Default startup file provided by mcuxpresso contains Flash configuration block of four words which is placed at relative offset of 0x400 and contains Backdoor key/Program protection adn Fsec settings.

I wan to secure the device according to the following settings:

- Backdoor Key disabled
- Mass Erase disabled
- Freescale factory access is denied
- Flash security is enabled ( Jtag/Swd is disabled )

This implies that FSEC needs to be set to 0xC4.  So as far as I understand  flash configuration in the startup file needs to be modified to:

__attribute__ ((used,section(".FlashConfig"))) const struct {
    unsigned int word1;
    unsigned int word2;
    unsigned int word3;
    unsigned int word4;
} Flash_Config = {0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFC4};

 

What I do not understand is if these settings needs to be applied to x+400 and y+400 too or only to loader part of flash region 0+400?  My reasoning is as follows:

1. MCU goes out of reset and Flash Security is configured according to settings stored at 0x00+0x400

2. Loader application jumps to application at offset x or y depending on configuration

3. Flash Security is reconfigured according to settings stored at x+400 or y+400?

 

My primary objective is to disable access to device (flash-dump, swd/jtag access)

标签 (1)
0 项奖励
1 解答
867 次查看
nxf58904
NXP Employee
NXP Employee

Hi,

Because the fopt was loaded by core, and the core will load it to flash when flash initializing.After reset ,the processor will not load fopt ,it set up PC ,stack,LR for running application.

As you said , the x and y's FOPT will be ignored .

3.png

 

 

 

Jianyu: 

Have a great day,
TIC

 

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!

 

- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

 

在原帖中查看解决方案

0 项奖励
3 回复数
868 次查看
nxf58904
NXP Employee
NXP Employee

Hi,

Because the fopt was loaded by core, and the core will load it to flash when flash initializing.After reset ,the processor will not load fopt ,it set up PC ,stack,LR for running application.

As you said , the x and y's FOPT will be ignored .

3.png

 

 

 

Jianyu: 

Have a great day,
TIC

 

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!

 

- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

 

0 项奖励
873 次查看
whata
Contributor III

TIC,

Thanks for prompt reply. But what happens exactly after jump to x or y application, they do contain FOPT bytes at their relative offset of 400. Are they simply ignored?

0 项奖励
877 次查看
nxf58904
NXP Employee
NXP Employee

Hi,

As the follow picture shows,the Flash configure area (FOPT) was loaded on reset.

You have a loader application, X and Y applications in flash,but you should only set  FOPT at 0x0+0x400(loader application).

nxf58904_0-1599532988275.png

nxf58904_1-1599533492217.png

Jianyu: 

Have a great day,
TIC

 

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!

 

- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------