This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Read back protection and code in RAM?

Recently I have put some code of my application into RAM. When I do not enable read back protection mechanism everything works, however when I want to enable protecting my whole code and put some code into RAM I get into hardfault.

I have tried different configurations:

a) CLENR0 = 0xFFFFFFFF (whole code area will be defined as code region 1 (CR1)) , RBPCONF = 0xFFFF00FF (Protect all)

b) CLENR0 = 0xFFFFFFFF (whole code area will be defined as code region 1 (CR1)) , RBPCONF = 0xFFFF0000 (Protect all and Protect region 0)

c) CLENR0 = 0x0x0003FC00 (N (max value) is (CODEPAGESIZE * ( CODESIZE - 1 )) , RBPCONF = 0xFFFFFF00 (Protect region 0)

d) CLENR0 = 0x0x0003FC00 (N (max value) is (CODEPAGESIZE * ( CODESIZE - 1 )) , RBPCONF = 0xFFFF0000 (Protect all and Protect region 0)

In all above scenarios I end up with HardFault.

Right now I doubt if it is even possible to use read back protection mechanism when some code of application is put into RAM region?

I use nrf51822 and my Flash code interlaces with RAM code.

Parents
  • Hi AlBundy,

    You are correct, the readback protection mechanism on the NRF51 is not perfect and there is a security hole that allow a debugger to access the CPU's registers to read the content of the flash. But it should be enphasize that this is only possible when an attacker has physical access to a device and is able to connect a debugger to the product.

    If you looking for a better security of the flash code, I would suggest to use nRF52 where the issue is fixed.

Reply
  • Hi AlBundy,

    You are correct, the readback protection mechanism on the NRF51 is not perfect and there is a security hole that allow a debugger to access the CPU's registers to read the content of the flash. But it should be enphasize that this is only possible when an attacker has physical access to a device and is able to connect a debugger to the product.

    If you looking for a better security of the flash code, I would suggest to use nRF52 where the issue is fixed.

Children
No Data
Related