Approtect with zephyr

I'm not sure if zephyr questions can be also asked here.

The problem I am struggling with is the approtect mechanism to prevent flash readout. I am trying to use Zephyr config files to enable such options (doing this by register can be overwritten by Zephyr), so according to the Zephyr docs I'm setting up these options in its config files:

CONFIG_NRF_APPROTECT_LOCK=y
But anyway, after build and flash, the NVM can still be easily read by nrf programmer. So I guess I'm missing something.
 
  • That is most probably because you are using an "old" hardware revision (for example nrf52840 of revision 2). If that is the case, the only way to protect the flash from reading is to write 0x00 to the UICR.APPROTECT register. 

    The Config you are trying to add has only impact on new hardware revisions (revision >= 3 for nrf52840). You can check that as follows:

    Setting CONFIG_NRF_APPROTECT_LOCK=y --> leads to activating ENABLE_APPROTECT in the nrf52_handle_approtect func.

    This calls the function nrf_configuration_249() which only returns true for devices of newer hardware revisions that have the updated approtect mechanism, otherwise false. 

      

    --> So, when you have an old hardware revision, the function nrf52_handle_approtect() will be called, but have absolutely no impact. For those devices, you will only need to write the UICR.APPROTECT register --> see the nrf_debug_port_disable() function in this thread on how to do it: Link.

    Notice: writing to UICR.APPROTECT (e.g. in the beginning of your main func) should be done on both old and new hardware revisions! Only the second part (handled above) is automatically handled based on the revision, for which you should activate the config. 

    I hope this helps.

    Best regards
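
The UICR.APPROTECT write recommended in the reply above, sketched as an added example (not part of the original post, and not Nordic's nrf_debug_port_disable() or Zephyr code). The register structs, macro names and the helper `approtect_lock_uicr` are hypothetical stand-ins so the logic compiles on a host; on target the same sequence runs against NRF_NVMC and NRF_UICR from Nordic's MDK headers.

```c
#include <stdint.h>

/* Host-side stand-ins (constructed for this example) for the two register
 * blocks involved. On target, use NRF_NVMC and NRF_UICR from Nordic's MDK
 * headers instead; the layout here is not the real register map. */
typedef struct { volatile uint32_t READY; volatile uint32_t CONFIG; } nvmc_regs_t;
typedef struct { volatile uint32_t APPROTECT; } uicr_regs_t;

#define NVMC_CFG_READ_ONLY   0u
#define NVMC_CFG_WRITE_EN    1u
#define APPROTECT_FIELD_MASK 0xFFu  /* low byte holds the protection setting */
#define APPROTECT_LOCKED     0x00u  /* the value the answer says to write */

typedef enum {
    APPROTECT_ALREADY_SET,   /* nothing written, no reset needed */
    APPROTECT_WRITTEN,       /* caller must reset for it to take effect */
    APPROTECT_WRITE_FAILED   /* read-back did not match */
} approtect_result_t;

static void nvmc_wait_ready(const nvmc_regs_t *nvmc)
{
    while (nvmc->READY == 0u) { /* busy */ }
}

/* Hypothetical helper: lock the debug port through UICR.APPROTECT.
 * Checking first keeps it idempotent, so calling it at every boot does not
 * rewrite UICR or reset in a loop. */
approtect_result_t approtect_lock_uicr(nvmc_regs_t *nvmc, uicr_regs_t *uicr)
{
    if ((uicr->APPROTECT & APPROTECT_FIELD_MASK) == APPROTECT_LOCKED) {
        return APPROTECT_ALREADY_SET;
    }
    nvmc->CONFIG = NVMC_CFG_WRITE_EN;      /* UICR is flash: enable writes */
    nvmc_wait_ready(nvmc);
    uicr->APPROTECT = uicr->APPROTECT & ~(uint32_t)APPROTECT_FIELD_MASK;
    nvmc_wait_ready(nvmc);
    nvmc->CONFIG = NVMC_CFG_READ_ONLY;     /* never leave writes enabled */
    nvmc_wait_ready(nvmc);
    return ((uicr->APPROTECT & APPROTECT_FIELD_MASK) == APPROTECT_LOCKED)
               ? APPROTECT_WRITTEN : APPROTECT_WRITE_FAILED;
}
```

On target, a result of APPROTECT_WRITTEN is the point at which to reset the device (for example with NVIC_SystemReset()), and CONFIG_NRF_APPROTECT_LOCK=y still covers the revision-dependent part described in the reply.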
