Yahoo Groups archive

Lpc2000

Index last updated: 2026-04-28 23:31 UTC

Message

Re: FLASH Security

2005-12-17 by philips_apps

Hello Jayasooriah,

Code Read Protection (CRP) was implemented with intention to protect 
on-chip Flash content from preying eyes. 

In context of a system with external memory, this means that 
external memory components can be used, but in that case LPC2000 
with enabled CRP cannot boot from external memory.

Once LPC2000 starts executing user's code it does not care if the 
code is on or off chip, as long as fetched op-code is valid. If a 
LPC2000 device would have CRP enabled and booting process would 
direct code execution to an application in external memory, there 
would be no way to protect on-chip flash content from being read by 
such application.

However, having CRP enabled in a system with external memory and 
booting from on-chip flash is perfectly valid scenario. As long as 
LPC2000 is not fetching any executable code from external memory, 
CRP will accomplish what it is designed for. This is the case when 
external memory is used for data storage only.

All in all, the moment an off-chip located code is fetched, CRP's 
role is voided.

Regards,

Philips Apps Team



--- In lpc2000@yahoogroups.com, "jayasooriah" <jayasooriah@y...> 
wrote:
>
> Why is external memory boot is disabled when CRP is active.  Is 
this
> because code in external memory can always read flash no matter 
what?
> 
> Does this mean that if you need CRP you cannot have external 
memory?
> 
> --- In lpc2000@yahoogroups.com, "Joel Winarske" <joelw@i...> wrote:
> > User Manual excerpt:
> > 
> > Code Read Protection (CRP)
> > --------------------------
> > Code read protection is enabled by programming the flash address
> location
> > 0x1FC (User flash sector 0) with value 0x8765 4321 (2271560481 
Decimal).
> > Address 0x1FC is used to allow some room for the FIQ exception
> handler. When
> > the code read protection is enabled the JTAG debug port, 
external memory
> > boot and the following ISP commands are disabled:
> > . Read Memory
> > . Write to RAM
> > . Go
> > . Copy RAM to Flash
> > The ISP commands mentioned above terminate with return code
> > CODE_READ_PROTECTION_ENABLED. The ISP erase command only allows 
erasure
> > of all user sectors when the code read protection is enabled. 
This
> > limitation does not exist if the code read protection is not
> enabled. IAP
> > commands are not affected by the code read protection.
> >
>

Attachments

  • No local attachments were found for this message.

Move to quarantaine

This moves the raw source file on disk only. The archive index is not changed automatically, so you still need to run a manual refresh afterward.