artikel:ipc:recover_bricked_ipc

Wiederherstellung eines gelockten IPCs

The CFM provides security information to the SPP that supports protection of the Flash contents, if required. The security information is stored within a word in the Flash configuration field(0x0414). This security word is read automatically after each reset and stored in the CFMSEC register.

After a mass erase or page erase of page 0, the Flash will be secured until the CFMSEC register is written to disable security. If the application does not use a program command to set the security configuration word to disable security prior to the next reset, the Flash will be secured and must be unsecured using the procedures described below. Upon successful completion of the backdoor access sequence, the SECSTAT bit in the CFMSEC register is cleared indicating that the MCU is unsecured.

Unsecure Chip:

  1. set MCU mode using the MOD(A|B)
  2. set Oscillator type
  3. set External bus interface attributes
  4. set Nexus port attributes
  5. issue JTAG unlock procedure
  6. Erase the program and data flash
  7. Write new content to program flash

Signals of MODA (70) and MODB (71) pins (PD[1:0]) are latched on rising edge of /RESET signal.

In normal (single chip) operation, both pins are set to 0 to boot from internal flash. Same is, if the chip is secured (locked). So it should do without change on the board.

If use of the Nexus port is required for debugging, it may be connected to either the Nexus primary port (PA[6:0]) or the secondary port (PE[6:0]).

MODA MODB Program Flash secured Chip mode Description
0 0 No Normal Single-Chip Mode Boots from internal flash
0 1 No Normal Expanded Mode Boots from external flash
1 0 No Normal Data Flash Boot Mode Boots from data flash
0 0 Yes Secured Single-Chip Mode Boots from internal flash
0 1 Yes Secured Expanded Mode Boots from external flash
1 0 Yes Secured Data Flash Boot Mode Boots from data flash
1 1 - -RESERVED -

CFM Mass Erase

CMD 0x41 Mass Erase the entire Flash memory. All Flash memory (data and program) protection must be disabled prior to executing this command. Refer to Section 15.4.2, “Flash Security Operation,” for special consideration following mass erase.

  • artikel/ipc/recover_bricked_ipc.txt
  • Zuletzt geändert: Thu. 18.07.2019 15:02
  • von go4it