Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- STMicroelectronics Community
- STM32 MCUs
- STM32 MCUs Products
- How to set RDP level2 without a password with STM3...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
How to set RDP level2 without a password with STM32_Programmer_CLI
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2024-07-16 01:45 AM
I am using NUCLEO-u5a5zj-q, I tried this:
sru@sru-pqs-dell:~/repos/pqkey$ STM32_Programmer_CLI --connect port=swd index=2 -halt --optionbytes displ -ob nSWBOOT0=0 nBOOT0=1 -lockRDP2 0xFFFFFFFF 0xFFFFFFFF
-------------------------------------------------------------------
STM32CubeProgrammer v2.16.0
-------------------------------------------------------------------
ST-LINK SN : 004900253532510831333430
ST-LINK FW : V3J15M6
Board : NUCLEO-U5A5ZJ-Q
Voltage : 3,28V
SWD freq : 8000 KHz
Connect mode: Normal
Reset mode : Software reset
Device ID : 0x481
Revision ID : Rev X
Device name : STM32U5xx
Flash size : 4 MBytes (default)
Start Address : 8000000
Device type : MCU
Device CPU : Cortex-M33
BL Version : 0x92
Debug in Low Power mode enabled
Core halted
UPLOADING OPTION BYTES DATA ...
Bank : 0x00
Address : 0x40022040
Size : 32 Bytes
[==================================================] 100%
Bank : 0x01
Address : 0x40022068
Size : 8 Bytes
[==================================================] 100%
OPTION BYTES BANK: 0
Read Out Protection:
RDP : 0xAA (Level 0, no protection)
BOR Level:
BOR_LEV : 0x0 (BOR Level 0, reset level threshold is around 1.7 V)
User Configuration:
TZEN : 0x0 (Global TrustZone security disabled)
nRST_STOP : 0x1 (No reset generated when entering Stop mode)
nRST_STDBY : 0x1 (No reset generated when entering Standby mode)
nRST_SHDW : 0x1 (No reset generated when entering the Shutdown mode)
SRAM1345_RST : 0x1 (SRAM1, SRAM3,SRAM4 and SRAM5 not erased when a system reset occurs)
IWDG_SW : 0x1 (Software independent watchdog)
IWDG_STOP : 0x1 (IWDG counter active in stop mode)
IWDG_STDBY : 0x1 (IWDG counter active in standby mode)
WWDG_SW : 0x1 (Software window watchdog)
SWAP_BANK : 0x0 (Bank 1 and bank 2 address are not swapped)
DBANK : 0x1 (Dual-bank Flash with contiguous addresses)
BKPRAM_ECC : 0x1 (Backup RAM ECC check disabled)
SRAM3_ECC : 0x1 (SRAM3 ECC check disabled)
SRAM2_ECC : 0x1 (SRAM2 ECC check disabled)
SRAM2_RST : 0x1 (SRAM2 is not erased when a system reset occurs)
nSWBOOT0 : 0x1 (BOOT0 taken from PH3/BOOT0 pin)
nBOOT0 : 0x1 (nBOOT0 = 1)
PA15_PUPEN : 0x1 (USB power delivery dead-battery disabled/ TDI pull-up activated)
IO_VDD_HSLV : 0x0 (High-speed IO at low VDD voltage feature disabled (VDD can exceed 2.5 V))
IO_VDDIO2_HSLV: 0x0 (High-speed IO at low VDDIO2 voltage feature disabled (VDDIO2 can exceed 2.5 V))
Boot Configuration:
NSBOOTADD0 : 0x100000 (0x8000000)
NSBOOTADD1 : 0x17F200 (0xBF90000)
Write Protection 1:
WRP1A_PSTRT : 0xFF (0x81FE000)
WRP1A_PEND : 0x0 (0x8000000)
UNLOCK_1A : 0x1 (WRP1A start and end pages unlocked)
WRP1B_PSTRT : 0xFF (0x81FE000)
WRP1B_PEND : 0x0 (0x8000000)
UNLOCK_1B : 0x1 (WRP1B start and end pages unlocked)
OPTION BYTES BANK: 1
Write Protection 2:
WRP2A_PSTRT : 0xFF (0x83FE000)
WRP2A_PEND : 0x0 (0x8200000)
UNLOCK_2A : 0x1 (WRP2A start and end pages unlocked)
WRP2B_PSTRT : 0xFF (0x83FE000)
WRP2B_PEND : 0x0 (0x8200000)
UNLOCK_2B : 0x1 (WRP2B start and end pages unlocked)
PROGRAMMING OPTION BYTES AREA ...
Warning: Option Byte: nboot0, value: 0x1, was not modified.
Bank : 0x00
Address : 0x40022040
Size : 32 Bytes
Reconnecting...
Reconnected !
UPLOADING OPTION BYTES DATA ...
Bank : 0x00
Address : 0x40022040
Size : 32 Bytes
[==================================================] 100%
Bank : 0x01
Address : 0x40022068
Size : 8 Bytes
[==================================================] 100%
OPTION BYTE PROGRAMMING VERIFICATION:
Option Bytes successfully programmed
Time elapsed during option Bytes configuration: 00:00:02.127
Lock RDP2 password successfully done
sru@sru-pqs-dell:~/repos/pqkey$ ./status-stm32u5a5 2
+ index=2
+ name=2
+ addr=0x08000000
+ STM32_Programmer_CLI --connect port=swd index=2 -halt --power off index=2 --power on index=2
-------------------------------------------------------------------
STM32CubeProgrammer v2.16.0
-------------------------------------------------------------------
ST-LINK SN : 004900253532510831333430
ST-LINK FW : V3J15M6
Board : NUCLEO-U5A5ZJ-Q
Voltage : 3,28V
SWD freq : 8000 KHz
Connect mode: Normal
Reset mode : Software reset
Device ID : 0x481
Revision ID : Rev X
Device name : STM32U5xx
Flash size : 4 MBytes (default)
Start Address : 8000000
Device type : MCU
Device CPU : Cortex-M33
BL Version : 0x92
Debug in Low Power mode enabled
Core halted
Power OFF...
Drives the target power pin out of the (onboard) ST-Link.
Info: Power ON/OFF maybe not available on your Board [also not available on standalone probes]
Power OFF the board finished with success !
Power ON...
Drives the target power pin out of the (onboard) ST-Link.
Info: Power ON/OFF maybe not available on your Board [also not available on standalone probes]
Power ON the board finished with success !
+ STM32_Programmer_CLI --connect port=swd index=2 -halt --optionbytes displ --blankcheck
-------------------------------------------------------------------
STM32CubeProgrammer v2.16.0
-------------------------------------------------------------------
ST-LINK SN : 004900253532510831333430
ST-LINK FW : V3J15M6
Board : NUCLEO-U5A5ZJ-Q
Voltage : 3,28V
SWD freq : 8000 KHz
Connect mode: Normal
Reset mode : Software reset
Device ID : 0x481
Revision ID : Rev X
Device name : STM32U5xx
Flash size : 4 MBytes (default)
Start Address : 8000000
Device type : MCU
Device CPU : Cortex-M33
BL Version : 0x92
Debug in Low Power mode enabled
Core halted
UPLOADING OPTION BYTES DATA ...
Bank : 0x00
Address : 0x40022040
Size : 32 Bytes
[==================================================] 100%
Bank : 0x01
Address : 0x40022068
Size : 8 Bytes
[==================================================] 100%
OPTION BYTES BANK: 0
Read Out Protection:
RDP : 0xAA (Level 0, no protection)
BOR Level:
BOR_LEV : 0x0 (BOR Level 0, reset level threshold is around 1.7 V)
User Configuration:
TZEN : 0x0 (Global TrustZone security disabled)
nRST_STOP : 0x1 (No reset generated when entering Stop mode)
nRST_STDBY : 0x1 (No reset generated when entering Standby mode)
nRST_SHDW : 0x1 (No reset generated when entering the Shutdown mode)
SRAM1345_RST : 0x1 (SRAM1, SRAM3,SRAM4 and SRAM5 not erased when a system reset occurs)
IWDG_SW : 0x1 (Software independent watchdog)
IWDG_STOP : 0x1 (IWDG counter active in stop mode)
IWDG_STDBY : 0x1 (IWDG counter active in standby mode)
WWDG_SW : 0x1 (Software window watchdog)
SWAP_BANK : 0x0 (Bank 1 and bank 2 address are not swapped)
DBANK : 0x1 (Dual-bank Flash with contiguous addresses)
BKPRAM_ECC : 0x1 (Backup RAM ECC check disabled)
SRAM3_ECC : 0x1 (SRAM3 ECC check disabled)
SRAM2_ECC : 0x1 (SRAM2 ECC check disabled)
SRAM2_RST : 0x1 (SRAM2 is not erased when a system reset occurs)
nSWBOOT0 : 0x0 (BOOT0 taken from the option bit nBOOT0)
nBOOT0 : 0x1 (nBOOT0 = 1)
PA15_PUPEN : 0x1 (USB power delivery dead-battery disabled/ TDI pull-up activated)
IO_VDD_HSLV : 0x0 (High-speed IO at low VDD voltage feature disabled (VDD can exceed 2.5 V))
IO_VDDIO2_HSLV: 0x0 (High-speed IO at low VDDIO2 voltage feature disabled (VDDIO2 can exceed 2.5 V))
Boot Configuration:
NSBOOTADD0 : 0x100000 (0x8000000)
NSBOOTADD1 : 0x17F200 (0xBF90000)
Write Protection 1:
WRP1A_PSTRT : 0xFF (0x81FE000)
WRP1A_PEND : 0x0 (0x8000000)
UNLOCK_1A : 0x1 (WRP1A start and end pages unlocked)
WRP1B_PSTRT : 0xFF (0x81FE000)
WRP1B_PEND : 0x0 (0x8000000)
UNLOCK_1B : 0x1 (WRP1B start and end pages unlocked)
OPTION BYTES BANK: 1
Write Protection 2:
WRP2A_PSTRT : 0xFF (0x83FE000)
WRP2A_PEND : 0x0 (0x8200000)
UNLOCK_2A : 0x1 (WRP2A start and end pages unlocked)
WRP2B_PSTRT : 0xFF (0x83FE000)
WRP2B_PEND : 0x0 (0x8200000)
UNLOCK_2B : 0x1 (WRP2B start and end pages unlocked)
Flash memory blank checking...
[==================================================] 100%
Time elapsed during the blank check operation is: 00:00:00.015
Warning: Flash memory is not empty at 0x08000000.As you can see, the RDP level is still 0 (and later on I could still dump all memories).
On the same board I have been able to set RDP level 2 without password using the GUI version (STM32CubeProgrammer), so the setup was right.
Solved! Go to Solution.
Labels:
- Labels:
-
STM32U5 Series
1 ACCEPTED SOLUTION
Accepted Solutions
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2024-07-17 05:57 AM - edited 2024-07-17 05:59 AM
Hello @acapola
To be clear, if you go to RDP level 2 without setting a password beforehand, you won't be able to go back.
Here is examples of a command, you can configure the right path for your PC.
Without Password
@ECHO OFF
SETLOCAL
SET TOOLDIR=c:\Program Files\STMicroelectronics\STM32Cube\CubeProgrammer1.14\bin
SET TOOL=%TOOLDIR%\STM32_Programmer_CLI.exe
SET MY_CURR_DIR=%cd%
@ECHO ON
cd %TOOLDIR%
"%TOOL%" -c port=SWD mode=HOTPLUG -ob displ
"%TOOL%" -c port=SWD mode=HOTPLUG -ob RDP=0xCC
"%TOOL%" -c port=SWD mode=HOTPLUG -ob displ
cd %MY_CURR_DIR%
@ENDLOCAL
@PAUSE
With password:
@ECHO OFF
SETLOCAL
SET TOOLDIR=c:\Program Files\STMicroelectronics\STM32Cube\CubeProgrammer1.14\bin
SET TOOL=%TOOLDIR%\STM32_Programmer_CLI.exe
SET MY_CURR_DIR=%cd%
@ECHO ON
cd %TOOLDIR%
"%TOOL%" -c port=SWD mode=HOTPLUG -ob displ
"%TOOL%" -c port=SWD mode=HOTPLUG -lockRDP2 0x12345678 0xABCDEFAB
"%TOOL%" -c port=SWD mode=HOTPLUG -ob RDP=0xCC
"%TOOL%" -c port=SWD mode=HOTPLUG -unlockRDP2 0x12345678 0xABCDEFAB
"%TOOL%" -c port=SWD mode=HOTPLUG -ob RDP=0xAA
"%TOOL%" -c port=SWD mode=HOTPLUG -ob displ
cd %MY_CURR_DIR%
@ENDLOCAL
@PAUSE
Regards
DianeP
2 REPLIES 2
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2024-07-17 05:57 AM - edited 2024-07-17 05:59 AM
Hello @acapola
To be clear, if you go to RDP level 2 without setting a password beforehand, you won't be able to go back.
Here is examples of a command, you can configure the right path for your PC.
Without Password
@ECHO OFF
SETLOCAL
SET TOOLDIR=c:\Program Files\STMicroelectronics\STM32Cube\CubeProgrammer1.14\bin
SET TOOL=%TOOLDIR%\STM32_Programmer_CLI.exe
SET MY_CURR_DIR=%cd%
@ECHO ON
cd %TOOLDIR%
"%TOOL%" -c port=SWD mode=HOTPLUG -ob displ
"%TOOL%" -c port=SWD mode=HOTPLUG -ob RDP=0xCC
"%TOOL%" -c port=SWD mode=HOTPLUG -ob displ
cd %MY_CURR_DIR%
@ENDLOCAL
@PAUSE
With password:
@ECHO OFF
SETLOCAL
SET TOOLDIR=c:\Program Files\STMicroelectronics\STM32Cube\CubeProgrammer1.14\bin
SET TOOL=%TOOLDIR%\STM32_Programmer_CLI.exe
SET MY_CURR_DIR=%cd%
@ECHO ON
cd %TOOLDIR%
"%TOOL%" -c port=SWD mode=HOTPLUG -ob displ
"%TOOL%" -c port=SWD mode=HOTPLUG -lockRDP2 0x12345678 0xABCDEFAB
"%TOOL%" -c port=SWD mode=HOTPLUG -ob RDP=0xCC
"%TOOL%" -c port=SWD mode=HOTPLUG -unlockRDP2 0x12345678 0xABCDEFAB
"%TOOL%" -c port=SWD mode=HOTPLUG -ob RDP=0xAA
"%TOOL%" -c port=SWD mode=HOTPLUG -ob displ
cd %MY_CURR_DIR%
@ENDLOCAL
@PAUSE
Regards
DianeP
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2024-07-24 08:05 AM
Note that without password, the second attempt to display option bytes is failing and it is expected since we have locked the JTAG.
Related Content
- STM32H533CET6 File download error in STM32CubeIDE (MCUs)
- STM32H573 Debug Authentification MCU Locked? in STM32 MCUs Security
- STM32Cube Programmer CRC Error in post build in STM32CubeProgrammer (MCUs)
- STM32_Programmer_CLI fails to flash in STM32 MCUs Products
- Issue with MQTT connection on STM32F407G and SIM7600 GSM module in STM32 MCUs Embedded software