cancel
Showing results for 
Search instead for 
Did you mean: 

PCROP protection

francescatodiego
Associate II
Posted on March 20, 2015 at 16:30

For our customer I need build a new hw with a ST micro (STM32F4) with a pre-porgrammed code library.

The client develops its own application using the preloaded library (Obviously I provide also all the necessary file for link the library functions with its code)

Question1:

If I provide the flash with RDP = 1 protection I think it is always possible through my bootloader, to be activated in some way, upload in flash the customer application ?

...but the customer could write a trivial code that dumps the all flash area that contains the libraries code and he could create a full flash image.

From ST docs I read that I can enable selective protection of certain flash sectors using the PCROP function that disables the ''data mode access'' for flash memory.

This would prevent the client to run a dump of the memory but...

Question2:

This simple code example

const char message1 [] = ''my message text1'';

const char message2 [] = ''my message text2'';

const char message3 [] = ''my message text3'';

void print_message (char * p, uint8_t msgid)

{

if (msgid = 1) sprintf (p, ''% s'', message1);

if (msgid = 2) sprintf (p, ''% s'', message2);

if (msgid = 3) sprintf (p, ''% s'', Message3);

}

located in protected area PCROP work? The messagex strings are accessible ?

Question3:

areas protected by PCROP are locked and a library software upgrade require erase of the entire flash.

Executing this procedure from RAM

- full erases the flash bringing the RDP=0

- updates the library code

- restores PCROP protection on library flash area.

- enables RDP = 1

is possible ?

thanks to all

3 REPLIES 3
Posted on March 20, 2015 at 17:21

A2: Clearly for the protection to be effective you couldn't do that, or load PC relative literals. It would make for a very awkward operating environment.

These are all things you'll need to personally experiment with, and to understand the architecture better than your adversaries.

Tips, buy me a coffee, or three.. PayPal Venmo Up vote any posts that you find helpful, it shows what's working..
francescatodiego
Associate II
Posted on March 21, 2015 at 08:33

In Italian we say ''the night brings advice ..''

I may have found a compromise that solves my problem Unfortunately I can' t test becuse I have only a STM32F407 they don't have the PCROP option I am using the IAR development environment: 1.- This appnote http://supp.iar.com/Support/?Note=71483 Show how create a library that can be preloaded in flash region regardless of the application code. 2.- Modify the library linker config file and place the segment .rodata that contains all the static variables (those with prefix const) all in one flash sector. My example add this confgi to linker .icf file:


 define symbol __region_CONST_start__ = 0x080A0000;
define symbol __region_CONST_end__ = 0x080BFFFF;
define region CONST_region = mem: [from __region_CONST_start__ to __region_CONST_end__];
place in CONST_region {section .rodata} ;

This place all' const in flash sector from address 0x080A0000...0x080BFFFF At this point it should be possible to apply the RDP = 1 to the entire flash and protection PCROP to all sectors of the flash that contain the library code excluding the sector that contain the CONST_region variables. if the user execute a ''malicious'' code from his area and tries to do a dump of the whole flash would get only strings and constant data of the library code. All the code is under PCROP protection I hope...
Posted on August 11, 2015 at 16:01

Hi,

Now, you may refer to the new

http://www.st.com/st-web-ui/static/active/en/resource/technical/document/application_note/DM00186528.pdf

 that provides a description of flash memory protection techniques, focusing on the PCROP. More informations are also available under

http://www.st.com/web/catalog/tools/FM147/CL1794/SC961/SS1743/LN1920/PF262417

.

-Shahrzad-