LPC552x: How to write CMPA to disable debug subdomains from application?

cancel
Showing results for 
Search instead for 
Did you mean: 

LPC552x: How to write CMPA to disable debug subdomains from application?

Jump to solution
348 Views
bas_v
Contributor II

Hi,

We are currently working with a LPC5526 and LPC5528 (both JBD64 non-S variant) and for production purposes we want to disable debug access through SWD and ISP to prevent code readout.

From https://community.nxp.com/t5/LPC-Microcontrollers/LPC5528-how-to-reach-code-security-equal-to-CRP2-i... and the user manual I understand we can write the CC_SOCU_PIN and CC_SOCU_DFLT to disable debug subdomains.

For this I wrote the following code:

 

 

 

#define CMPA_PAGE_LENGTH (512)

// Initialize ROM API for reading CMPA
flash_config_t flashInstance;
FFR_Init(&flashInstance);

// Allocate memory
cmpa_cfg_info_t* cmpaPageData = (cmpa_cfg_info_t*)calloc(CMPA_PAGE_LENGTH, 1);
if (cmpaPageData != NULL) {
	// Read CMPA page back
	FFR_GetCustomerData(&flashInstance, (uint8_t*)cmpaPageData, 0, CMPA_PAGE_LENGTH);

	// Disable all debug subdomains by writing 1/0 for PIN/DFLT
	cmpaPageData->dcfgPin =  0b1111111111;
	// Mirror the value as described in the forum post
	cmpaPageData->dcfgPin |= (~cmpaPageData->dcfgPin << 16);

	cmpaPageData->dcfgDflt = 0b0000000000;
	cmpaPageData->dcfgDflt |= (~cmpaPageData->dcfgDflt << 16);

	// Disable ISP
	cmpaPageData->bootCfg = 0b1110000;

	// Write CMPA page
	FFR_CustFactoryPageWrite(&flashInstance, (uint8_t*)cmpaPageData, false);

	// Free allocated memory
	free(cmpaPageData);
}

 

 

 

 

So for this we read the content from the CMPA page back, configure the CC_SOCU registers and write the page with the modified page content.

Result of running this is code is that the SWD and ISP are disabled, which is good. But additionally the application that was programmed will not run after resetting the microcontroller. The FFR_GetCustomerData function returns success status.

Next to this, I've attempted to leave out modifying the registers and just write the result of FFR_GetCustomerData back using FFR_CustFactoryPageWrite. This also had the same result.

I cannot find any clue in the documentation why our application won't run anymore after a reset/power-cycle. Is there something I'm missing? Is there another way to write CMPA from the application?

Labels (1)
1 Solution
97 Views
Erik_M
Contributor I

For those who are interested; see the attached example to see how to write the CMPA page correctly.

With this example you are able to enable/disable flash protect.

 

View solution in original post

7 Replies
98 Views
Erik_M
Contributor I

For those who are interested; see the attached example to see how to write the CMPA page correctly.

With this example you are able to enable/disable flash protect.

 

View solution in original post

81 Views
airios_arno
Contributor II

An important note is that because of the flash operations being performed, the system clock needs to be below 100 MHz.
This is one of the things we ran into while using this code.

246 Views
bas_v
Contributor II

Hi,

We have attempted the following code on an EVK with LPC55S28 to write CMPA with plain zeros. After this, the whole micro seems to be bricked. I cannot access the ISP interface anymore, nor the application runs or SWD works.

#define CMPA_PAGE_LENGTH (512)

// Initialize ROM API for reading CMPA
flash_config_t flashInstance;
FFR_Init(&flashInstance);

// Allocate memory
cmpa_cfg_info_t* cmpaPageData = (cmpa_cfg_info_t*)calloc(CMPA_PAGE_LENGTH, 1);
if (cmpaPageData != NULL) {
// Read CMPA page back
FFR_GetCustomerData(&flashInstance, (uint8_t*)cmpaPageData, 0, CMPA_PAGE_LENGTH);

// Write CMPA page
FFR_CustFactoryPageWrite(&flashInstance, (uint8_t*)cmpaPageData, false);

// Free allocated memory
free(cmpaPageData);
}

We are doing something wrong here. Could you provide an example to write CMPA from application code? What are we missing?

0 Kudos
212 Views
Erik_M
Contributor I

This implementation was also tested with a SDK example project resulting the same outcome. Please find the project attached.

Simply reading the CMPA page and write the same page back seems to brick the micro. Any ideas what we are doing wrong here?

186 Views
diego_charles
NXP TechSupport
NXP TechSupport

Hi @bas_v  and @Erik_M 

Many thanks  for providing us your additional inputs.

Currently we are working in this. We have seen that there is a internal ticket with the same inquiries with a representant of yours. He let me know that  we could continue through the ticket. After having a resolution we could publish here in the forum. 

Diego.

 

0 Kudos
281 Views
bas_v
Contributor II

Hi,

Thank you for your response.

Unfortunately, the ISP pins are not easy accessible on our custom hardware. Therefore I cannot use them.

I will describe the observation in further detail. When I read back the CMPA using FFR_GetCustomerData, it seems the CMPA is completely empty when unused before. It reads all zeros. I have written the CMPA with the disabled debug configuration and in another attempt just plain zeros that I've read back using FFR_GetCustomerData. But when I power-cycle the LPC, it doesn't jump to the application anymore. My application in flash isn't started.

So the debugging interfaces are disabled, but the application isn't executed anymore after a power-cycle. It doesn't seem to jump to the application.

When I erase and reprogram my application using J-Flash, it is executed again.

My goal is to disable the debug interfaces from application code by writing SOCU_PIN and SOCU_DFLT in CMPA. Is there example code available on how to do this?

Kind regards,

Bas

0 Kudos
288 Views
Alice_Yang
NXP TechSupport
NXP TechSupport

Hello,

1) Recommend make the ISP mode is enabled all the time. The ISP mode is used for testing purposes in case of a wrong configuration is loaded. There is a possibility to reload the configuration.

2) What about your application, what about the detail about it doesn't work.

3) I just curious about how to read after disable debug and ISP。

 

BR

Alice

0 Kudos