AnsweredAssumed Answered

Kinetis k64 Security And protection

Question asked by dotan goldberg on Dec 4, 2017
Latest reply on Dec 4, 2017 by Mark Butcher



I am trying to operate the security and protection capabilities in K64 following AN4507 document
Using the 16 bytes defined in startup_MK64F12.S file FlashConfig section.
It seems that the FSEC register, SEC bits value returns to 10b (not active)


Example of my configuration:

/* Flash Configuration */
.section .FlashConfig, "a"
.long 0x01020304
.long 0x05060708
.long 0xFFFFFFFF
.long 0xFFFFFFBF

After flashing the actual result is FSEC = 0xBE


In the AN it is written "If the flash memory module is unsecured using backdoor key access, the SEC field is forced to 10b"... is it related to my problem?


1. Is it possible to get a use case example of security, back door key and mass erase disable configurations?

2. I am using the kboot, so in fact the application image actually configured as follow (MK64FN1M0xxx12_flash.ld) :

/* Specify the memory areas */
m_interrupts (RX) : ORIGIN = 0x0000A000, LENGTH = 0x00000400
m_flash_config (RX) : ORIGIN = 0x0000A400, LENGTH = 0x00000010
m_text (RX) : ORIGIN = 0x0000A410, LENGTH = 0x000FFBF0
m_data (RW) : ORIGIN = 0x1FFF0000, LENGTH = 0x00010000
m_data_2 (RW) : ORIGIN = 0x20000000, LENGTH = 0x00030000

Apparently the 'actual' file startup_MK64F12.S is in the kboot sources...
Does is matter if the security is configured from the kboot image?
Would the security and protection function the same even if for example blhost.exe application stop the uc at the boot?


3. Is it possible to get a use case example of protection registers FPROT0–3 ? was it suitable for 'read only' section definitions in the flash (for example to store 'factory settings' data) ?


Thank you very much!