S32 Design Studio & Flash Mass erase

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

S32 Design Studio & Flash Mass erase

6,996 Views
alternativeunof
Contributor II

How do I perform a FLASH mass erase operation with s32k144 and s32 design studio? Can you describe me the precise steps to do that, without risking to brick my board as happened for other people, like here?

Thank you!

Labels (3)
0 Kudos
6 Replies

5,221 Views
jimmylee0407
Contributor I

Based on the procedure of demo in AN12323.pdf,  I don't think mass erase is able to remove partition. The only way to remove EEPROM partition is to do the partition again with suitable parameters. Otherwise, the SIM register for flash config will not be changed. Am I correct??

0 Kudos

5,221 Views
jiri_kral
NXP Employee
NXP Employee

Hi, 

mass erase is performed prior new flash image write operation. You can also use Emergency kinetis device recovery in debug configuration. 

pastedImage_1.png

When you are using FLASH operations by MCU - make sure that you aren't modify flash config on address 0x400-0x410. Erase of that area is okay, but make sure that you don't write there data which disable mass erase and secure the chip. 

Jiri 

0 Kudos

5,221 Views
alternativeunof
Contributor II

Ok, I understood that whenever I want to program/erase my s32k board, I must pay attention to not secure it, otherwise I could not be anymore able to re-program/re-erase it, if I do not have a backdoor key. The fields that I must pay attention to are in the following figure:

image.PNG

  1. The Backdoor Compartison Key is something similar to a password, that if known permits to unsecure the flash
  2. FPROT0-3 must be at 0xFF in order to not secure the P-Flash
  3. FDPROT must be at 0xFF in order to not secure the D-Flash
  4. FEPROT must be at 0xFF in order to not secure the E-Flash (i.e., the EEPROM backup memory)
  5. FOPT must be at 0xFF in order to not customize the boot options
  6. FSEC is composed as following:

image3.PNG

I highlighted in yellow what I want and in red what should happen when I perform a mass erase command (is it true that an erase command will put all flash bits at 1?). You said that an erase of this area is ok (i.e., the erase will not secure the device), even if the mass erase will write SEC = 11b (device is secure).
In the example provided with the SDK, after the erase of all flash blocks, the application will program the Flash Configuration Fields writing the following thing:

uint8_t unsecure_key[FTFx_PHRASE_SIZE] = {0xFFu, 0xFFu, 0xFFu, 0xFFu, 0xFEu, 0xFFu, 0xFFu, 0xFFu}

Where all bits are at 1, except for the FSEC[SEC] field that is at 10b.

So,

  1. How is it possible that when I upload a new application inside the S32K, even if it performs a mass erase operation, it will not secure the device?
  2. Does the mass erase operation remove the partitions of the FLASH memory resetting it to the "default" configuration? If yes, which is the default configuration?
  3. If the application residing in the P-Flash performs a mass erase operation, is the P-Flash not erased?
  4. I do not know how to use the Emergency Kinetis Device Recovery. What is it needed for? Why should I use it instead to perform my mass erase operation from inside the application?
0 Kudos

5,221 Views
jiri_kral
NXP Employee
NXP Employee

Hi, 

actually you need to take special care to MEEN bit, when mass erase is disabled, chip is secured and backdoor key disabled - there is no way back. Secured chip with mass erase enabled is okay. 

Jiri

0 Kudos

5,221 Views
alternativeunof
Contributor II

Ok, so when I erase all the flash content, SEC field secures the chip but the MEEN field leaves the mass erase operation enabled (thus, the example provided with the SDK maybe only wants to show how the flash configuration fields can be written).

What about question 2, 3 and 4? Thank you.

0 Kudos

5,219 Views
jiri_kral
NXP Employee
NXP Employee

Hi, 

2. the default config is using FlexNVM as Dflash 

3. If app performs mass erase - the app erases itself too (at least partly - the program probably ends in some exception). 

4. It is part of debug session with PE Micro debugger. I'm not 100% sure what this option does, but it can erase secured device with key access (jf MEEN is enabled). 

Jiri

0 Kudos