Solved! Go to Solution.
Hi @ovidiuadrian,
The problem is that when the first sector is erased, the Flash configuration field is erased (FSEC = 0xFF = SECURE, Backdoor = all 0xFF) and the IVT along with the SP and Reset vector is erased too. If something goes wrong and the MCU is reset, the MCU will be secured, and it won't be able to jump to the SRAM where the routines are. It detects a fault exception that is escalated all the way to core lockup (which means System reset on this device). The only way would be to erase the CSEc keys before the Block gets erased, then, Mass erase would be allowed again to unclock it if something goes wrong.
Regards,
Daniel
Hello Ovidiu,
Was the CSEc enabled (keys allocated through partitioning) on that MCUs that got locked?
If so, and if the MCU was reset while the first sector was erased (FSEC[SEC] = SECURE), there is no way to unlock it.
There would need to be a code that launches the Backdoor key command, or as you mentioned, the CSEc would have to be disabled by erasing the CSEc keys.
I would recommend keeping the bootloader in the PFlash at the first sector that includes the IVT, Flash configuration field, so that it can't be erased. The rest of the PFlash can be erase using the Erase Sector FTFC command and reprogrammed.
I believe your company have FAEs assigned, can you contact them?
BR, Daniel
Hello Daniel,
Thank you for your reply, yes, we have an FAEs assigned, we send him the same text in an email, so far we didn't get any news from him, so if you can put us in contact with someone it is highly appreciated.
We are using erase block and CSEc was enabled. This is bad news for us because we can't test any implementation of the flasher without losing a unit.
We can launch a Backdoor key command or erase the CSEc keys from our RAM firmware. (Having a bootloader in PFlash wont work for us because we use all PFlash)
But I will need some help on how to unlock it before erasing.
Hi @ovidiuadrian,
The problem is that when the first sector is erased, the Flash configuration field is erased (FSEC = 0xFF = SECURE, Backdoor = all 0xFF) and the IVT along with the SP and Reset vector is erased too. If something goes wrong and the MCU is reset, the MCU will be secured, and it won't be able to jump to the SRAM where the routines are. It detects a fault exception that is escalated all the way to core lockup (which means System reset on this device). The only way would be to erase the CSEc keys before the Block gets erased, then, Mass erase would be allowed again to unclock it if something goes wrong.
Regards,
Daniel