• State Not Answered
  • Replies 5 replies
  • Subscribers 91 subscribers
  • Views 1339 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 287573
Options

Protection of flash memory

TML_YT

I want to protect the programme and data in the flash memory from being rewritten during shipment.

I thought that I could set the NVMC register, CONFIG, to read-only, so I executed the following programme to try it out.

-----------------------------

static void flash_page_init_no(void)
{
     m_data.pg_num = NRF_FICR->CODESIZE - 1;
     m_data.pg_size = NRF_FICR->CODEPAGESIZE;
     m_data.addr = (m_data.pg_num * m_data.pg_size);
     m_data.m_p_flash_data = (flashwrite_flash_data_t *)m_data.addr;


     NRF_NVMC->CONFIG = NVMC_CONFIG_WEN_Ren;
     while (NRF_NVMC->READY == NVMC_READY_READY_Busy)
     {
     }

     nrf_nvmc_page_erase(m_data.addr);

     return;
}

-----------------------------

However, despite being read-only, I was able to erase the data normally without an error, which I confirmed by looking at the memory map in the debug mode of SEEGER.

--Why is it possible to erase even though it is read-only?

--Can't I just set the registers to protect them? How can I erase or prohibit writing?

  • 0

    Hello,

    There is nothing that will prevent the program from re-configuring NVMC->CONFIG register again. If you want to restrict flash access at runtime, then you need to use ACL module instead.

    Best regards,

    Vidar

  • 0 in reply to Vidar Berg

    Hi

    In 6.3 ACL - Access control lists in the data sheet, the following statement is made.
    'The ADDR, SIZE, and PERM registers can only be written once. all ACL configuration registers are cleared on reset by resetting the device from a reset source.'

    I do not understand what this means.

    (1) If the ADDR, SIZE and PERM registers can only be written once until a reset is applied, does this mean that, for example, when the power is turned on again, the ADDR, SIZE and PERM registers are reset and can be written again?
    Does this mean that the protected area can be accessed again each time the power is switched on?

    (2) I want to protect fixed data stored in a specific flash memory area. Once this is set up, I would like to keep it protected even if the power is turned on again.
    If the ADDR, SIZE and PERM registers are reset each time the power is switched on, does this mean that I must always run a program to set the ADDR, SIZE and PERM registers in order to protect the specific area?

  • 0 in reply to TML_YT

    Hi

    1. Yes, your understanding is correct. This is why you generally want to configured the ACL register as early as possible on boot. Typically from a bootloader.

    2. Do you want to protect against erroneous flash access from the CPU or the Debugger? The ACL is good at protecting against illegal NVMC requests from the CPU as long as you enable the protection early in the boot process, but does not do much against debugger access. To prevent the debugger access you should enable the Access port protection before shipping the device.

  • 0 in reply to Vidar Berg

    Hi

    (1)  Going back to my original question, I initially intended to protect the bit in register NVMC CONFIG by setting it to 0, i.e. 'Read only access'.
    If I do not consider protection from the debugger, am I correct in understanding that once the power is reconnected and reset after setting the NVMC CONFIG to 'Read only access', it will remain in 'Read only access' and cannot be written or erased?

    (2)  The programming of the bootloader is now too difficult for me and I don't know where and how to write the program. nRF5 SDK v17.1.0 has 'DFU bootloader examples' in the program examples, I am aware of it. However, for me, I don't need this much functionality and would prefer to have simple program examples that simply protect the flash memory.

  • 0 in reply to TML_YT

    Hi,

    (1) Yes, the NVMC CONFIG register is always set to zero after reset as you can see from the register description here:

    (2) You can configure the ACL at the beginning of main() in your application if you don't plan to include a bootloader.

Related
Terms of service