2022-09-15 05:49 AM
I've tried to configure several security settings from C code for my STM32H7B. I used the example secure bootloader/application which I modified a bit. I was able to enable the security bit and configure a secure memory area in flash block 0.
When starting the JTAG connection is lost. After the booloader part jumps to the application, the JTAG is enabled again.
I can read all the option bytes as expected. The ReadOutProtection level is currently oxAA, so no protection. The security bit is set, as is a secure memory region.
I would like to remove the secure region, so I tried to set the ReadOutProtection to level 0xBB. This however doesn't work. It remains at 0xAA.
I've tried several things. Of course repowering it. Removing the security bit itself. Writing directly to the registers. Removing the security bit using C code from the application.
I am able to update the application part in flash, so it doesn't seem to be a full write protect of the device, only the option bytes can't be written.
Has someone an idea what to check next? If the device is bricked, so be it, but I would like to known why this happened and why I can not raise the ReadOutProtection. I couldn't find anything in the documentation what could prevent the ReadOutProtection to be locked at the lowest level.
Thanks
Edit: Some logging what it's trying to do:
15:04:08:835 : Time elapsed during the read operation is: 00:00:00.001
15:04:18:302 : Option byte command : -ob RDP=187
15:04:18:379 : PROGRAMMING OPTION BYTES AREA ...
15:04:18:381 : Database: Config 0 is active.
15:04:18:381 : Bank : 0x00
15:04:18:381 : Address : 0x5200201c
15:04:18:381 : Size : 308 Bytes
15:04:18:382 : halt ap 0
15:04:18:382 : Loader write option bytes...
15:04:18:382 : Init flashloader...
15:04:18:382 : halt ap 0
15:04:18:383 : run ap 0
15:04:18:383 : halt ap 0
15:04:18:385 : run ap 0
15:04:48:000 : UPLOADING OPTION BYTES DATA ...
15:04:48:000 : Bank : 0x00
15:04:48:000 : Address : 0x5200201c
15:04:48:000 : Size : 308 Bytes
15:04:48:006 : OPTION BYTE PROGRAMMING VERIFICATION:
15:04:48:006 : Error: Expected value for Option Byte "RDP": 0xBB, found: 0xAA
15:04:48:019 : Error: Option Byte Programming failed
Solved! Go to Solution.
2022-09-19 02:00 AM
Issue solved with help of ST customer support. Some flash error bits were set, and the flash lock bit wasn't. Fixing this enabled raising the RPD level to level 1, enabling removal of security settings while lowering RDP back to 0 again.
2022-09-19 02:00 AM
Issue solved with help of ST customer support. Some flash error bits were set, and the flash lock bit wasn't. Fixing this enabled raising the RPD level to level 1, enabling removal of security settings while lowering RDP back to 0 again.