AN204438
How to Setup Flash Security for FM0+, FM3 and FM4 Families
This application note describes how to setup the Flash Security for FM0+, FM3, and FM4 devices
1
Introduction
1.1
About Document
This application note describes how to setup the Flash Security for FM0+, FM3, and FM4 devices.
2
Mechanism of Flash Security
The default setting of any FMx-MCU is Flash Security disabled. In this mode the user has full access to the Flash
memory via Flash programming tools and JTAG debuggers from outside.
By enabling the Flash security the Flash contents cannot be accessed from outside anymore. Any read out trial
results in 0x0000 values. The only way to unlock the Flash Security is to perform a Flash chip erase sequence via a
Flash programming tool.
The Flash Security is not controlled by Boot-ROM or software – it is a part of the hardware macro of the Flash
memory itself.
The Flash Security is enabled, if a certain data pattern (e.g. 0x0001) is written to a special Flash sector address.
2.1
Methods of setting Flash Security
Because the Cypress software examples and templates do not contain a Flash Security setting, this application note
describes how to enable it.
There are two mechanisms of setting the Flash Security: By special project settings or by patching the S-Record or
HEX record file.
In any case a Flash programming tool (serial/USB) has to be used to enable the Flash Security by programming,
because the JTAG interface will stop working, if the Flash Security is set.
3
Setting Flash Security by Project
3.1
Procedure
The easiest way is to create a small assembly file with a memory section of the Flash Security sector. In this memory
section the Flash Security pattern is defined as a constant.
This assembly file will finally added to the project after debugging phase and just before final project build. IAR’s
EWARM and GCC tool chains need also a modification of their linker files.
Afterwards use a Flash programming tool (serial/USB) to program the Flash memory with Flash Security enabled.
3.1.1
Assembly and Linker File for IAR EWARM
The following assembly code can be used for enabling the Flash Security. In this example the Flash Security sector
address is 0x0010.0000and the pattern is 0x0001:
www.cypress.com
Document No. 002-04438Rev.*A
1
How to Setup Flash Security for FM0+, FM3 and FM4 Families
MODULE FLASH_SECURITY
SECTION .flashsec: CONST (2)
DC16 0x0001
END
The filename is regardless. It is not necessary to give it the same name as the assembly module name.
Edit the corresponding linker file (*.icf) and add the following lines:
Define region FLASH_SECURITY_region = mem: [from 0x00100000 to
0x00100003];
Define symbol FLASH_SECURITY_ADDRESS = 0x00100000;
Place at address mem: FLASH_SECURITY_ADDRESS {read only section
.flashsec};
Assuming the filename is flash security. This section will occur in the mapping file of the linker after build like:
"A2":
FLASHSEC const
3.1.2
0x4
0x00100000
0x2 flash security.o [1]
- 0x00100002
0x2
Assembl y File for KEIL µVISION
The following assembly code can be used for enabling the Flash Security. In this example the Flash Security sector
address is 0x0010.0000and the pattern is 0x0001:
AREA
|.ARM.__at_0x00100000|, DATA, READONLY
DCB 0x01
DCB 0x00
END
The filename is regardless.
Assuming the filename is flash security. This section will occur in the mapping file of the linker as:
Load Region LR$$.ARM.__at_0x00100000 (Base: 0x00100000, Size:
0x00000004, Max: 0x00000004, ABSOLUTE)
Execution Region ER$$.ARM.__at_0x00100000 (Base: 0x00100000, Size:
0x00000004, Max: 0x00000004, ABSOLUTE, UNINIT)
Base Addr
Object
Size
Type
AttrIdx
0x00100000
0x00000002
Data
RO
.ARM.__at_0x00100000flash_security.o
www.cypress.com
Document No. 002-04438Rev.*A
E Section Name
83
2
How to Setup Flash Security for FM0+, FM3 and FM4 Families
3.1.3
Assembl y and Linker File for AtollicTrueStudio
The following assembly code can be used for enabling the Flash Security. In this example the Flash Security sector
address is 0x0010.0000and the pattern is 0x0001:
.section .flash security, "a"
.global _flash security
_flash security:
.long 0x00000001
The filename is regardless.
Edit the corresponding linker file (*.ld) and add the highlighted line in the MEMORY definition:
/* specify the memory areas */
MEMORY
{
FLASH (rx)
: ORIGIN = 0x00000000, LENGTH
RAM (xrw)
: ORIGIN = 0x1FFF8000, LENGTH
FLASHSEC (r)
: ORIGIN = 0x00100000, LENGTH
MEMORY_B1 (rx): ORIGIN = 0x60000000, LENGTH =
}
= 512K
= 64K
= 4
0K
Add the highlighted lines to the SECTION definitions just before the RAM section definitions:
. = ALIGN (4);
_edata=.;
/* define a global symbol at data end */
} >RAM AT> FLASH
.flash security:
{
. = ALIGN(4);
_flash security=.;
KEEP(*(.flash security))
. = ALIGN (4);
} >FLASHSEC
/* uninitialized data section */
. = ALIGN (4);
Assuming the filename is flashsec.s this section will occur in the mapping file of the linker as:
.flash security 0x00100000
0x00100000
0x00100000
*(.flash security)
.flash security
0x00100000
0x00100004
3.1.4
0x4
. = ALIGN (0x4)
_flash security= .
0x4 source/flashsec.o
. = ALIGN (0x4)
A s s e m b l y a n d L i n k e r F i l e f o r G N U C o m p i l e r E n vi r o n m e n t
Refer to the previous chapter (AtollicTrueStudio).
www.cypress.com
Document No. 002-04438Rev.*A
3
How to Setup Flash Security for FM0+, FM3 and FM4 Families
4
Setting Flash Security by Patching S-Record or HEX File
4.1
S-Record File Format
The S-Record file format lines consist typically of the character ‘S’, the type of the line, the byte count of the data
payload of this line, an address, the data payload, and a checksum byte.
The type codes of S-Record lines are:
Code
Description
Number of Address Bytes
Data field
S0
Block Header
2
Yes
S1
Data Payload
2
Yes
S2
Data Payload
3
Yes
S3
Data Payload
4
Yes
S5
Record Count
2
No
S7
End of Block
4
No
S8
End of Block
3
No
S9
End of Block
2
No
It is a good idea to put the Flash security data before the last S-Record line (S7-9):
Assume the Flash security is enabled by setting 0x0001 to the address 0x0010.0000. Then the additional SRecord line is:
S20810000001000000E6
Detailed explanation of this line:
Data Payload with 3
Byte Address
S
2
Byte Count
08
3 Byte Address
100000
Data Payload (Big
Endian)
01000000
Check Sum
E6
The checksum is calculated as: Add all bytes after the Sn type and before the checksum byte itself. Take only the
lower byte of the sum and invert the sum:
0x08 + 0x10 + 0x01 = 0x19
0x19 = 0xE6
4.2
(0x00 bytes are skipped in the calculation.)
HEX File Format
The Intel HEX file format lines for 32 bit architectures consist typically of a colon, the byte count of the data payload of
this line, an address, the type of the line, the data payload, and a checksum byte.
The type codes of HEX lines are:
Code
Description
0x00
Data payload
0x01
End of file
0x02
Extended Segment Address
0x03
Start Segment Address
0x04
Extended Linear Address
0x05
Start Linear Address
www.cypress.com
Document No. 002-04438Rev.*A
4
How to Setup Flash Security for FM0+, FM3 and FM4 Families
It is a good idea to put the Flash security data before the last HEX line, which is usually:
: 00000001FF
Assume the Flash security is enabled by setting 0x0001 to the address 0x0010.0000. Then the additional HEX
lines are:
: 020000040010EA
: 0400000001000000FB
Detailed explanation of these lines:
Data
Count
:
02
0000
Data
Count
:
Dummy Address
04
Extended Linear
Address
04
0010
Lower 16 Bit of
Security Address
0000
Data Line
00
Check Sum
Upper 16 Bit of Security
Address
EA
Security Code Data (Big
Endian)
01000000
Check Sum
FB
The checksum is calculated as: Add all bytes after ‘:’ and before the checksum byte itself. Take only the lower byte of
the sum. Invert the sum and add 1.
Example for first line:
0x02 + 0x04 + 0x10 = 0x16
0x16 = 0xE9
0xE9 + 0x01 = 0xEA
5
(0x00 bytes are skipped in the calculation)
Flash Security Sector Overview
The following tables give an overview of the Flash Security sector address and its activation pattern. Refer to the
peripheral manual for cross reference between device type and part number.
5.1
FM0+ Devices
Device Type
Flash Security address
Activation pattern
0
-
-
1
0x0010_0000
0x0001
www.cypress.com
Document No. 002-04438Rev.*A
5
How to Setup Flash Security for FM0+, FM3 and FM4 Families
5.2
FM3 Devices
Device Type
5.3
Flash Security address
Activation pattern
0
0x0010_0000
0x0001
1
0x0010_0000
0x0001
2
0x0010_0000
0x0001
3
0x0010_0000
0x0001
4
0x0010_0000
0x0001
5
0x0010_0000
0x0001
6
0x0010_0000
0x0001
7
0x0010_0000
0x0001
8
0x0010_0000
0x0001
9
0x0010_0000
0x0001
10
0x0010_0000
0x0001
11
0x0010_0000
0x0001
12
0x0040_0000
0x0001
FM4 Devices
Device Type
0
www.cypress.com
Flash Security address
0x0040_0000
Document No. 002-04438Rev.*A
Activation pattern
0x0001
6
How to Setup Flash Security for FM0+, FM3 and FM4 Families
6
Document History
Document Title: AN204438 - How to Setup Flash Security for FM0+, FM3 and FM4 Families
Document Number:002-04438
Revision
ECN
Orig. of
Change
Submission
Date
Description of Change
**
-
MAWI
07/01/2014
Initial Release
*A
5053149
MAWI
12/15/2015
Migrated Spansion Application Note FMx_AN706-00089-1v0-E to Cypress
format
www.cypress.com
Document No. 002-04438Rev.*A
7
How to Setup Flash Security for FM0+, FM3 and FM4 Families
Worldwide Sales and Design Support
Cypress maintains a worldwide network of offices, solution centers, manufacturer’s representatives, and distributors. To find
the office closest to you, visit us at Cypress Locations.
PSoC® Solutions
Products
Automotive
cypress.com/go/automotive
psoc.cypress.com/solutions
Clocks & Buffers
cypress.com/go/clocks
PSoC 1 | PSoC 3 | PSoC 4 | PSoC 5LP
Interface
cypress.com/go/interface
Cypress Developer Community
Lighting & Power Control
cypress.com/go/powerpsoc
Memory
cypress.com/go/memory
PSoC
cypress.com/go/psoc
Touch Sensing
cypress.com/go/touch
USB Controllers
cypress.com/go/usb
Wireless/RF
cypress.com/go/wireless
Spansion Products
spansion.com/products
Community | Forums |Blogs | Video |Training
Technical Support
cypress.com/go/support
All other trademarks or registered trademarks referenced herein are the property of their respective owners.
Cypress Semiconductor
198 Champion Court
San Jose, CA 95134-1709
Phone
Fax
Website
: 408-943-2600
: 408-943-4730
: www.cypress.com
© Cypress Semiconductor Corporation, 2014-2015. The information contained herein is subject to change without notice. Cypress Semiconductor
Corporation assumes no responsibility for the use of any circuitry other than circuitry embodied in a Cypress product. Nor does it convey or imply any
license under patent or other rights. Cypress products are not warranted nor intended to be used for medical, life support, life saving, critical control or
safety applications, unless pursuant to an express written agreement with Cypress. Furthermore, Cypress does not authorize its products for use as
critical components in life-support systems where a malfunction or failure may reasonably be expected to result in significant injury to the user. The
inclusion of Cypress products in life-support systems application implies that the manufacturer assumes all risk of such use and in doing so indemnifies
Cypress against all charges.
This Source Code (software and/or firmware) is owned by Cypress Semiconductor Corporation (Cypress) and is protected by and subject to worldwide
patent protection (United States and foreign), United States copyright laws and international treaty provisions. Cypress hereby grants to licensee a
personal, non-exclusive, non-transferable license to copy, use, modify, create derivative works of, and compile the Cypress Source Code and derivative
works for the sole purpose of creating custom software and or firmware in support of licensee product to be used only in conjunction with a Cypress
integrated circuit as specified in the applicable agreement. Any reproduction, modification, translation, compilation, or representation of this Source
Code except as specified above is prohibited without the express written permission of Cypress.
Disclaimer: CYPRESS MAKES NO WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, WITH REGARD TO THIS MATERIAL, INCLUDING, BUT
NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. Cypress reserves the
right to make changes without further notice to the materials described herein. Cypress does not assume any liability arising out of the application or
use of any product or circuit described herein. Cypress does not authorize its products for use as critical components in life-support systems where a
malfunction or failure may reasonably be expected to result in significant injury to the user. The inclusion of Cypress’ product in a life-support systems
application implies that the manufacturer assumes all risk of such use and in doing so indemnifies Cypress against all charges.
Use may be limited by and subject to the applicable Cypress software license agreement.
www.cypress.com
Document No. 002-04438Rev.*A
8