• State Not Answered
  • Replies 4 replies
  • Subscribers 74 subscribers
  • Views 51 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 348222
Options

APPROTECT and verify with nrfjprog

Dominik Eugster

Hi

On the nRF52840-QIAA-R there should be implemented the APPROTECT according to this guide:

https://devzone.nordicsemi.com/nordic/nordic-blog/b/blog/posts/working-with-the-nrf52-series-improved-approtect

Informational Notice (IN) - Vulnerability of the nRF52 series.

I implemented now the suggested code on top of main:

void AppProtection(void)
{
#ifdef ENABLE_APPROTECT
	if ((NRF_UICR->APPROTECT & UICR_APPROTECT_PALL_Msk) !=
		(UICR_APPROTECT_PALL_Enabled << UICR_APPROTECT_PALL_Pos)) {
        NRF_NVMC->CONFIG = NVMC_CONFIG_WEN_Wen;
        while (NRF_NVMC->READY == NVMC_READY_READY_Busy){}

        NRF_UICR->APPROTECT = ((NRF_UICR->APPROTECT & ~((uint32_t)UICR_APPROTECT_PALL_Msk)) |
		    (UICR_APPROTECT_PALL_Enabled << UICR_APPROTECT_PALL_Pos));

        NRF_NVMC->CONFIG = NVMC_CONFIG_WEN_Ren;
        while (NRF_NVMC->READY == NVMC_READY_READY_Busy){}
        NVIC_SystemReset();
   	}
#else
	if ((NRF_UICR->APPROTECT & UICR_APPROTECT_PALL_Msk) !=
		(UICR_APPROTECT_PALL_HwDisabled << UICR_APPROTECT_PALL_Pos)) {

        NRF_NVMC->CONFIG = NVMC_CONFIG_WEN_Wen;
        while (NRF_NVMC->READY == NVMC_READY_READY_Busy){}

        NRF_UICR->APPROTECT = ((NRF_UICR->APPROTECT & ~((uint32_t)UICR_APPROTECT_PALL_Msk)) |
		    (UICR_APPROTECT_PALL_HwDisabled << UICR_APPROTECT_PALL_Pos));

        NRF_NVMC->CONFIG = NVMC_CONFIG_WEN_Ren;
        while (NRF_NVMC->READY == NVMC_READY_READY_Busy){}
        NVIC_SystemReset();
	}
#endif
}

This is working, but the problem is that the verify in production programming is not working anymore. Is there an option to verify the chip before? Because after a program the chip is getting restarted and read out protection is active which makes verify impossible. Is there a solution to verify with nrfjprog or use nrfjprog to program without starting the code on the nRF52?

nrfjprog --program %HEX_FILE% --verify --log

Parents
  • 0

    And in the bootloader the debug_port_disable function will be called aswell when the SDK_config NRF_BL_DEBUG_PORT_DISABLE is enabled:

    void nrf_bootloader_debug_port_disable(void)
{
    if (NRF_UICR->APPROTECT != 0x0)
    {
        nrf_nvmc_write_word((uint32_t)&NRF_UICR->APPROTECT, 0x0);
        NVIC_SystemReset();
    }
#if (!defined (NRF52810_XXAA) && !defined (NRF52811_XXAA) && !defined (NRF52832_XXAA) && !defined (NRF52832_XXAB))
    if (NRF_UICR->DEBUGCTRL != 0x0)
    {
        nrf_nvmc_write_word((uint32_t)&NRF_UICR->DEBUGCTRL, 0x0);
        NVIC_SystemReset();
    }
#endif
}

    So at the end the device is starting in the bootloader and the function above will enbale the APPROTECT. If a device is running without bootloader (only in development), then the function on top of the main will enable the APPROTECT with the function "AppProtection()"

    Is my understanding and the functions in the bootloader and App correct?

    If yes, the only question is how to flash the nRF52840 with nrfjprog and use the verify, or is there an option to ensure a correct download without verify?

  • 0 in reply to Dominik Eugster

    Hi Dominik,

    Dominik Eugster said:
    Is my understanding and the functions in the bootloader and App correct?

    Yes that's right. https://docs.nordicsemi.com/bundle/nrf5_SDK_v17.1.1/page/lib_secure_boot.html#secure_boot_debug_prod 

    Dominik Eugster said:
    If yes, the only question is how to flash the nRF52840 with nrfjprog and use the verify, or is there an option to ensure a correct download without verify?

    Could you try the following:

    nrfjprog -f NRF52 --recover
    nrfjprog -f NRF52 --eraseall
    nrfjprog -f NRF52 --program file.hex --verify

    -Priyanka

  • 0 in reply to Priyanka

    Hi Priyanka

    The --eraseall is needed after a recover? 

    I tried but its not working, the MCU starts running and enable APPROTECT before verify is finished:

    **********************************************************************
"Recover and disable the read back protection"
**********************************************************************
Recovering device. This operation might take 30s.
Erasing user code and UICR flash areas.
Erasing user available code and UICR flash areas.
Applying system reset.
**********************************************************************
"Reset, Program and Verify the Device"
**********************************************************************
[ #################### ]   6.253s | Program file - Done programming
[error] [  nRF52] - Failed while performing 'Verify' operation on target address 0x00001000.
-160: Data does not match in address range [0x00001000 - 0x00026497] (Flash)
Expected byte value 0x00 but read 0xFB at address 0x0001A468.
[error] [ Client] - Encountered error -160: Command verify_file executed for 1777 milliseconds with result -160
[error] [  nRF52] - Failed while verifying device. -160: Data does not match in address range [0x00001000 - 0x00026497] (Flash)
Expected byte value 0x00 but read 0xFB at address 0x0001A468.
[error] [ Worker] - Data does not match in address range [0x00001000 - 0x00026497] (Flash)
Expected byte value 0x00 but read 0xFB at address 0x0001A468.
ERROR: Write verify failed.
Error occurred, errorlevel: 55
Error on the burning process with "nrfjprog --reset --program --verify"
**********************************************************************
"PROGRAMMING and VERIFY ERROR"
**********************************************************************
Drücken Sie eine beliebige Taste . . .

Reply
  • 0 in reply to Priyanka

    Hi Priyanka

    The --eraseall is needed after a recover? 

    I tried but its not working, the MCU starts running and enable APPROTECT before verify is finished:

    **********************************************************************
"Recover and disable the read back protection"
**********************************************************************
Recovering device. This operation might take 30s.
Erasing user code and UICR flash areas.
Erasing user available code and UICR flash areas.
Applying system reset.
**********************************************************************
"Reset, Program and Verify the Device"
**********************************************************************
[ #################### ]   6.253s | Program file - Done programming
[error] [  nRF52] - Failed while performing 'Verify' operation on target address 0x00001000.
-160: Data does not match in address range [0x00001000 - 0x00026497] (Flash)
Expected byte value 0x00 but read 0xFB at address 0x0001A468.
[error] [ Client] - Encountered error -160: Command verify_file executed for 1777 milliseconds with result -160
[error] [  nRF52] - Failed while verifying device. -160: Data does not match in address range [0x00001000 - 0x00026497] (Flash)
Expected byte value 0x00 but read 0xFB at address 0x0001A468.
[error] [ Worker] - Data does not match in address range [0x00001000 - 0x00026497] (Flash)
Expected byte value 0x00 but read 0xFB at address 0x0001A468.
ERROR: Write verify failed.
Error occurred, errorlevel: 55
Error on the burning process with "nrfjprog --reset --program --verify"
**********************************************************************
"PROGRAMMING and VERIFY ERROR"
**********************************************************************
Drücken Sie eine beliebige Taste . . .

Children
Related
Terms of service