2011-12-18 03:07 PM
Hello. I have problem with upgrading program in my own bootloader.
When procesor is not read-out protected, everything is going ok (verify says ok). Problem occurs when I set <Read-Out Protection> in RFlasher7 (using Ride7 and RLink programmer). Internal program is erased ok (mass erase) but it stops after first full word programming command (flash controller returns FLASH_FLAG_BANK1_WRPRTERR). In Option Bytes non of the WRP0-WRP3 is set (all have 0xFF). Where is a problem ? And one more guestion: Are option bytes erased during mass erase command ? Should I set up readOutProtection again after mass erase command ?2011-12-18 04:23 PM
Try power cycling the board after turning off ROP and mass erasing.
2011-12-19 12:46 AM
But programming and mass erasing is executed inside my program - upgrade function is executed from RAM.
I wonder what is the difference beetwen flash programming with Read-Out Protection ON and OFF. I my opinion, when I execute mass erase command and next I programm data to flash, Read-Out Protection setting shouldnt be important it that situation.2011-12-19 02:20 AM
One thing I think you'll discover about ROP is that configuration states are latched at reset and not dependent of the flash array subsequently.
2011-12-19 02:57 AM
I have found in documentation potential problem: when RDP jest activated, first pages of the flash are automatically write protected, and thats why upgrade stops.
How I have to check if it be possible to deactivate this write protection....2011-12-19 10:46 AM
2011-12-19 12:23 PM
But I do execute full erase command...
I dont understand why full erase command automatically protect first sectors of flash ?? And why after removing protection (and automatically erasing device) CPU need to be POWERED ON to reload RDP bits I dont see any sence of such behaviour, and it makes difficult to make full flash upgrade... Is it possible to remove this protection of thr first sectors without removing RDP?2011-12-19 03:00 PM
I think you'll find ROP purposefully obtuse, it is designed to make things difficult and constraining. You will need to invest your own time determining if this is more of a hindrance than a benefit.
The bottom line is ROP is not a die level protection, and someone with a moderately equipped lab could extract the code. Providing an update opens another vector of attack, one that does not require physically compromising the device.2011-12-19 04:17 PM
Thnaks for reply.
Ok, maybe I dont understand something. So have You got any suggestions how to remotly fully upgrade program in flash without using programmer when RDP is active ? Mass erase function cannot be used obsviously because first sectors of flash will cannot be written after that. Puting bootloader into this space isnt good idea, because bootloader will be not upgradable remotly anymore. Is it possible to leave this space (2 first sectors of flash) empty and unused, and force processor to boot from from fully upgradables pages after that region (reset vector should point to third sector) ?(I use STM32F105 and Ride7 environment)
with best regards,2011-12-20 06:19 AM