• State Verified Answer
  • Replies 5 replies
  • Subscribers 74 subscribers
  • Views 2637 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 274555
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

nRF52840 - Zephyr OS - Flash Protection

SirBranch

I'm looking to enable the flash protection for an nRF52 application running on Zephyr RTOS:

  • Basically looking to disable flash reads from the JTAG/SWD interface: Only erase or reprogram should be possible.

My understanding is that this can be achieved by configuring the APPPROTECT in the UICR register and restarting the device (NVMC need to be enabled). 

Any insight into how to achieve this on Zephyr RTOS would be greatly appreciated.

Parents
  • 0

    To provide an update on the state of this ticket:

    I'm currently able to protect with the known nrfjprog command:

     

    nrfjprog --rbp ALL -f NRF52

    But I'm looking for a way to do this from the application code. I've set CONFIG_SOC_FLASH_NRF_UICR=y from the bootloader configuration as well as application and I'm currently able to read in run time using:

    NRF_UICR->APPROTECT

    But this reference doesn't seem to allow for writing or clearing. I've tried using the flash API in the following manner to read/write but no success in even being able to read:

    #define PER_UICR 0x10001000UL
#define UICR_REG_APPROTECT 0x208UL

void uicr_reg_approtect_read(void){

	const struct device* flash_dev = device_get_binding(DT_CHOSEN_ZEPHYR_FLASH_CONTROLLER_LABEL);
    uint32_t reg_approtect = 0UL;

    if (flash_dev == NULL) {
        LOG_ERR("Nordic nRF52 flash driver was not found!\n");
        return;
    }  // Check status

    LOG_WRN("Found flash controller %s", log_strdup(DT_CHOSEN_ZEPHYR_FLASH_CONTROLLER_LABEL));

    err = flash_read(flash_dev, PER_UICR + UICR_REG_APPROTECT, &reg_approtect, sizeof(uint32_t));

    if (err != 0) {
        LOG_WRN("Flash read of REG_APPROTECT failed! %d\n", err);
    } else {
        LOG_WRN("UICR - REG_APPROTECT 0x%X", reg_approtect);
    }

}

Reply
  • 0

    To provide an update on the state of this ticket:

    I'm currently able to protect with the known nrfjprog command:

     

    nrfjprog --rbp ALL -f NRF52

    But I'm looking for a way to do this from the application code. I've set CONFIG_SOC_FLASH_NRF_UICR=y from the bootloader configuration as well as application and I'm currently able to read in run time using:

    NRF_UICR->APPROTECT

    But this reference doesn't seem to allow for writing or clearing. I've tried using the flash API in the following manner to read/write but no success in even being able to read:

    #define PER_UICR 0x10001000UL
#define UICR_REG_APPROTECT 0x208UL

void uicr_reg_approtect_read(void){

	const struct device* flash_dev = device_get_binding(DT_CHOSEN_ZEPHYR_FLASH_CONTROLLER_LABEL);
    uint32_t reg_approtect = 0UL;

    if (flash_dev == NULL) {
        LOG_ERR("Nordic nRF52 flash driver was not found!\n");
        return;
    }  // Check status

    LOG_WRN("Found flash controller %s", log_strdup(DT_CHOSEN_ZEPHYR_FLASH_CONTROLLER_LABEL));

    err = flash_read(flash_dev, PER_UICR + UICR_REG_APPROTECT, &reg_approtect, sizeof(uint32_t));

    if (err != 0) {
        LOG_WRN("Flash read of REG_APPROTECT failed! %d\n", err);
    } else {
        LOG_WRN("UICR - REG_APPROTECT 0x%X", reg_approtect);
    }

}

Children
Related
Terms of service