BPROT Protecting Bootloader nRF52832

Question

nRF52832
SDK14.0 
 Hi, how can I protect the bootloader from being overwritten? Ideally, I would never be updating the bootloader so it will be a permanent part of the device. How can I make sure nothing can overwrite/erase the bootloader? I am looking at BProt, but I am not a 100% sure on how to implement it. Can you please give me an example on how I would go about doing this? 
 Thank you! 
 Best!

Sigurd · Accepted Answer

Hi, 
 Yes, you can use the BPROT peripheral to prevent application code from erasing or writing to protected blocks. Any attempt to erase or write to a protected flash page will trigger a hardfault. Typically, you would want to enable the protection right at the start of your code, before you do anything else. 
 A BPROT-block represents 1 flashpage(4kB), so on the nRF52832 that have 512 kB flash, we have 512/4 = 128 BPROT-blocks. The non-debug secure-bootloader in SDK 14.0 is by-default located from 0x78000 to 0x7E000. This corresponds to BPROT block/region 120 to 126. (The debug-project uses page 115 to 124). 
 You can enable BPROT on these regions like this: 
 NRF_BPROT->CONFIG3 = (BPROT_CONFIG3_REGION120_Enabled << BPROT_CONFIG3_REGION120_Pos) |
 (BPROT_CONFIG3_REGION121_Enabled << BPROT_CONFIG3_REGION121_Pos) |
 (BPROT_CONFIG3_REGION122_Enabled << BPROT_CONFIG3_REGION122_Pos) |
 (BPROT_CONFIG3_REGION123_Enabled << BPROT_CONFIG3_REGION123_Pos) |
 (BPROT_CONFIG3_REGION124_Enabled << BPROT_CONFIG3_REGION124_Pos) |
 (BPROT_CONFIG3_REGION125_Enabled << BPROT_CONFIG3_REGION125_Pos) |
 (BPROT_CONFIG3_REGION126_Enabled << BPROT_CONFIG3_REGION126_Pos);

BPROT Protecting Bootloader nRF52832

Top Replies

core_v2_widget.Hide()