AnsweredAssumed Answered

How to use Enhanced Code Read Protection of LPC546xx

Question asked by BOSSARD Guillaume on Jun 5, 2018
Latest reply on Jun 5, 2018 by jeremyzhou

Hello,

 

I'm using LPC54628 and I'm trying to use ECRP to protect from read firmware.

I would like to protect reading FLASH memory from ISP and SWD.

So I give following value to ECRP (0x0001A800) :

#define ECRP ((2 << 10) | (2 << 12) | (2 << 14) | (1 << 16))
void (* const g_pfnVectors[])(void) = {
    // Core Level - CM4
    &_vStackTop,                       // The initial stack pointer
    ResetISR,                          // The reset handler
    NMI_Handler,                       // The NMI handler
    HardFault_Handler,                 // The hard fault handler
    MemManage_Handler,                 // The MPU fault handler
    BusFault_Handler,                  // The bus fault handler
    UsageFault_Handler,                // The usage fault handler
    __valid_user_code_checksum,        // LPC MCU checksum
    (void (*)()) ECRP,                 // ECRP
    0,                                 // Reserved
    0,                                 // Reserved
    SVC_Handler,                       // SVCall handler
    DebugMon_Handler,                  // Debug monitor handler
    0,                                 // Reserved
    PendSV_Handler,                    // The PendSV handler
    SysTick_Handler,                   // The SysTick handler

 ...

 

Reading The User manuel (UM10912 ->  Chapter 43: LPC546xx Enhanced Code Read Protection )

That should do the following configuration :

[11:10] IAP ERASE / WRITE PROTECTION : 01 IAP Sector Erase/Write protection is enabled.

[13:12] ISP ENTRY from bootloader : 10 Allow ISP entry via pins.

[15:14] ISP ENTRY from IAP call :10 Allow ISP entry via IAP call.

[17:16] SWD ENABLE : 01 Disable external access to chip. This option disables SWD. ISP commands are restricted to prevent code being loaded to ram and executed (disables ISP Go command). Memory contents cannot
be read or compared (disables ISP compare memory). Sector protection is still applicable. Mass erase
is permitted if enabled via OTP.

 

ISP restrictions work as expected : I can't read memory with flash magic and I still can load a new firmware.

But SWD is not disable : So I can load a new firmware in ram and read flash memory with MCUXPRESSO.

 

What did I do wrong ?

Outcomes