FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

USART BOOTLOADER launched from user application & flash has readout protection set, how can USART BOOTLOADER load new code to flash?

PMoor.1
Associate II

‎2021-06-29 11:00 AM

It seems unprotected flash can be programmed and then protected using user application launched native STM32 USART BOOTLOADER, but protected flash can only be cleared, but not reprogrammed without also having access to the boot pin configuration. (Am I missing some something?)

Using the USART BOOTLOADER protocol Readout Unprotect (command 0x92), the STM32 erases the flash and then resets the STM32, but there is now no user code to launch bootloader again to load new code into the now unprotected user flash.

I happen to be using a STM32F100V8T6, but I think this issue is generic to the STM32 family.

0 Kudos
4 REPLIES 4
TDK
Guru

‎2021-06-29 11:43 AM

You're not missing anything. You need a way to get the chip back into bootloader mode.

> I happen to be using a STM32F100V8T6, but I think this issue is generic to the STM32 family.

Some chips launch the bootloader if the flash is empty.

If you feel a post has answered your question, please click "Accept as Solution".
0 Kudos
Tesla DeLorean
Guru

‎2021-06-29 11:56 AM

I think it generally comes down to protecting the integrity and security of the product, and that your own bootloader be secure, and bug free, and remain for the life of the product.

Tips, Buy me a coffee, or three.. PayPal Venmo
Up vote any posts that you find helpful, it shows what's working..
0 Kudos
PMoor.1
Associate II
In response to Tesla DeLorean

‎2021-06-29 12:11 PM

The native bootloader seems to be good enough for many applicaitons when launched from the user application code with flash access protected. (Given enough enough investment, most patterns in flash could be cloned, so one's IP security should not be solely dependent on restricted access to a single memory array.)

0 Kudos
PMoor.1
Associate II
In response to TDK

‎2021-06-29 12:51 PM

For this case, having the product default to launching the bootloader if the flash was blank would make it simple, but perhaps not desirable. The risk of a "dead brick" in the field should be avoided as much as possible, but being able to remotely reconfigure a device from its published default state leaves the door wide open for a 3rd party to repurpose devices in the field, which would be bad for companies involved, and perhaps society in general, depending on the scope and use of the device.

The issue (as I see it) is not having a path back to the bootloader once the flash mass erase and protection bit clearing has occurred specifically from the native bootloader. Something as simple in the boot logic as "if the flash is blank AND the last reset event was triggered by software, then launch the bootloader" could work, but it seems this part is not made that way.

0 Kudos
Top