cancel
Showing results for 
Search instead for 
Did you mean: 

RDP settings to disable main memory read

Hello there,

I am trying to find the right RDP config for the STM32G0 MCU. My aim is the following functionality:

  • User code can read/ write the flash,
  • Bootloader/ external SWD debugger cannot read the flash,
  • Bootloader/ external SWD debugger can erase and write the flash.

Does such configuration exist? I am trying to find the right config for production mode, in which it will be not possible for anyone to read the flash contents (erase and write is ok).

This table from the RM0454 Rev 2 doesn't seem to have this config available- maybe I am missing something?

0693W000008wMv7QAE.png 

I would appreciate all feedback.

13 REPLIES 13

I see... Thank you! I will evaluate this new info.

@Community member​ 

So I was reading more about the RDP and page 70 of RM0454 Rev 5 says:

Level 2: No debug

In this level, the protection Level 1 is guaranteed. In addition, the CPU debug port, the boot

from RAM (boot RAM mode) and the boot from System memory (boot loader mode) are no

more available. In user execution mode (boot FLASH mode), all operations are allowed on

the Main Flash memory.

Since I need the end user to be able to update the device's firmware via System Memory bootloader (but still not allow him to read the main memory contents), Level 1 seems more appropriate:

Level 1: Read protection

Level 1 read protection is set when the RDP byte and the RDP complemented byte contain

any value combinations other than [0xAA, 0x55] and [0xCC, 0x33]. Level 1 is the default

protection level when RDP option byte is erased.

User mode: Code executing in user mode (boot from user Flash memory) can access

Main Flash memory, option bytes and backup registers with all operations.

Debug, boot from SRAM, and boot from System memory modes: In debug mode

or when code boots from SRAM or System memory, the Main Flash memory and the

backup registers (TAMP_BKPxR in TAMP) are totally inaccessible. In these modes, a

read or write access to the Flash memory generates a bus error and a Hard Fault

interrupt.

But in this Level 1 mode:

  1. can the user still erase the main memory flash from within the system bootloader and then reprogram it?
  2. Can it be erased via SWD to be programmed again (regular development cycle)?

I would appreciate your further feedback!

In RDP Level1, only way to erase FLASH is indirectly by changing RDP to Level0, which as a side effect also performs bulkerase.

1. I don't know, I don't use the system bootloader. Does it allow to change Option bytes/RDP?

2. Yes, because Option bytes can be written through SWD. I wouldn't call it "normal development cycle" though, as normally during debugging, Option bytes are not written, and only the used sectors are erased.

JW

Understood, thank you!