• State Resolved
  • Locked Locked
  • Replies 12 replies
  • Answers 4 answers
  • Subscribers 102 subscribers
  • Views 575 views
  • Users 0 members are here
Support feedback
Options
Options
Similar topics

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

Bootloader code protection

GNS Gump
Prodigy 30 points
Other Parts Discussed in Thread: TM4C1290NCPDT

Hello

I am not long working with arm and I prepared a bootloader for TM4C1290NCPDT and I would like to protect so there are no way to write by mistake even if I want to change could be nice to only be able to change the bootloader with JTAG. after write that part of code I could not even program again the arm .. even I tried doing the the unlock sequence and did not work again the arm! if somebody can give me a hand I will be really thankfully.

MPURegionSet(0, 0,
MPU_RGN_SIZE_64K |
MPU_RGN_PERM_EXEC |
MPU_RGN_PERM_PRV_RO_USR_RO |
MPU_RGN_ENABLE);

//MPUIntRegister(protection_violation_occur);
//MPUIntRegister(void (*ConfigInit)(void));

IntEnable(FAULT_MPU);

/*************************/


void
protection_violation_occur(void)
{
UART0BlockingWrite ("R", 1);

}

/**************************/

;;*****************************************************************************
;;
;; The minimal vector table for a Cortex-M3 processor.
;;
;;*****************************************************************************
Vectors:
.ref __STACK_TOP
.word __STACK_TOP ;; Offset 00: Initial stack pointer
.if $$defined(RAM_MODE)
.word ResetISR - 0x20000000 ;; Offset 04: Reset handler
.word NmiSR - 0x20000000 ;; Offset 08: NMI handler
.word FaultISR - 0x20000000 ;; Offset 0C: Hard fault handler
.else
.word ResetISR ;; Offset 04: Reset handler
.word NmiSR ;; Offset 08: NMI handler
.word FaultISR ;; Offset 0C: Hard fault handler
.endif

.word protection_violation_occur ;; Offset 10: MPU fault handler
.word IntDefaultHandler ;; Offset 14: Bus fault handler
.word IntDefaultHandler ;; Offset 18: Usage fault handler
.word 0 ;; Offset 1C: Reserved
.word 0 ;; Offset 20: Reserved
.word 0 ;; Offset 24: Reserved
.word 0 ;; Offset 28: Reserved

  • 0
    TI__Guru**** 158815 points

    Hi,

      Did you have a chance to reference the TivaWare bootloader examples such as boot_serial example?  If you want to protect the application code from getting overwritten by the bootloader, you may want to check the #define FLASH_CODE_PROTECTION and #define ENABLE_UPDATE_CHECK in bl_config.h file. 

      If you want to protect the JTAG from debug access you can permanently disable the debug capability. See this post. https://e2e.ti.com/support/microcontrollers/other/f/908/t/535559 Not sure if this is what you want.

      With that said, you seem to say that your MCU is currently locked. If this is the case, I will suggest you unlock the device using LM flash programmer. You might want to try a few times and follow the instructions in 5.3  of this app note.

      If you still can't get it to unlock, I'm sorry to say that the device may be bricked. 

  • 0 in reply to Charles Tsai
    Prodigy 30 points

    hello 

    thanks for the answer .. sorry maybe i was not clear ... I would like to protect the bootloader ... so the aplication can not write other the bootloader by mistake.

  • 0 in reply to GNS Gump
    TI__Guru**** 158815 points

    Hi,

      If you really want to protect the bootloader then you can use the FMPREn and FMPPEn registers for write protection. Please refer to the datasheet for details. Below is the excerpt from the datasheet. You can use the API FlashProtectSet() and FlashProtectSave() to configure the protection. 

  • 0 in reply to Charles Tsai
    Prodigy 120 points

    Hello!

    I was testing the code protection ..in the bootloader code i add the next line:

    ROM_FlashProtectSet(0,FlashExecuteOnly);

    after that i can not program anymore the device not even with JTAG .

    and also i can not firmware upgrade..

    Some suggestion ?

  • 0 in reply to INGS
    TI__Guru**** 158815 points

    Hi,

      You set it to FlashExecuteOnly. With FlashExecuteOnly, the flash block 0 as you specified can only be executed, it cannot be read or written. I think you want to set to FlashReadOnly so that it cannot be erased/programmed.

      To recover your device to factory setting you can do an unlock. See below. 

      

  • 0 in reply to INGS
    TI__Guru**** 158815 points

    Hi,

      You set it to FlashExecuteOnly. With FlashExecuteOnly, the flash block 0 as you specified can only be executed, it cannot be read or written. I think you want to set to FlashReadOnly so that it cannot be erased/programmed but can still be read by the debugger via the jtag. 

      To recover your device to factory setting you can do an unlock. See below. 

      

  • 0 in reply to Charles Tsai
    Prodigy 120 points

    Hello

    I was trying to unlock but not good news! 

    I was trying to protect the first 64K of memory where is the boot-loader 

    FlashProtectSet(numb_block,FlashReadOnly);

    numb_block incremented in 2K 

    but still not working and it lock again the arm .

    there are some examples o code to help me with that?

  • 0 in reply to INGS
    TI__Guru**** 158815 points

    Hi,

      Can you elaborate if your problem is unable to unlock the device using the LM flash programer as you lose the JTAG access or your problem is that the flash is not protected? What is not working? Can you try only the FlashPortectSet only but not the FlashProtectSave. The FlashProtectSave makes the currently programmed flash protection settings permanent? While you are still debugging your project I will suggest that you only do FlashPortectSet. With FlashPortectSet, the changes to the flash protection are maintained only until the next reset. It is not permanent. 

      When you call FlashPortectSet what does it return? Returns 0 on success or -1 if an ivalid address or an invalid protection was specified. 

  • 0 in reply to Charles Tsai
    Prodigy 120 points

    Hi,

    1) First Test FlashProtectSave --> lose the JTAG access --> unlock did not work. 

    2) Second Test FlashProtectSet(0,FlashReadOnly); --> still able to access by JTAG 

    3) third Test 

    unsigned int numb_block;
    for( numb_block=0; numb_block<0x10000; numb_block +=0x800){

    FlashProtectSet(numb_block,FlashReadOnly);

    }

    result --> Lose the JTAG access --> unlock did not work

    The main objective is to protect the bootloader from 0 to 0x10000, I would like to be able to write only by JTAG

    I would like to be sure that any firmware is NOT able to overwrite the bootloader.  

  • 0 in reply to INGS
    TI__Guru**** 158815 points

    Hi,

     

    INGS said:

    3) third Test 

    unsigned int numb_block;
    for( numb_block=0; numb_block<0x10000; numb_block +=0x800){

    FlashProtectSet(numb_block,FlashReadOnly);

    }

    result --> Lose the JTAG access --> unlock did not work

    This is weird, if you didn't call FlashProtectSave() then the protection is only good until the next power cycle. In another word, the protection is not permanent. 

    The second comment is that did you check the returned value after calling the FlashProtectSet? Did the function return 0 or -1? 

    What if you protect with a small number of blocks first such as 16kB instead of 64kB? Does it make a difference? 

  • 0 in reply to Charles Tsai
    Prodigy 120 points

    Hi 

    Thanks for your answer ... it look for me that when the arm is power on it run the program and set the protection and them when i want to program with JTAG it is already protected and doent make any change in the program.. because I can still program higher address that are not protected, I meant I don't have problem to program .. the weird thing for me is that I do not get any message o problem from the JTAG..every thing look like it is working well but the program that I try to load it is not load. For sure the arm is not LOCK.

  • 0 in reply to INGS
    TI__Guru**** 158815 points

    Hi,

      That makes sense now. You are trying to use the JTAG to program the regions that are already protected and hence the programming didn't complete. The flash loader in the IDE does not know or in another word has no knowledge of the flash protection and hence it didn't complete the programming. It could have put out a error message saying that the programming didn't complete. Please bear in mind once the flash is protected it is protected from any means of program/erase, whether it is coming from your application or from the JTAG. With that said, it means that you must not enable the protection until your bootloader is fully developed and verified and you will never need to change it again.