 English |
|
|
|
|
|
|
|
| S912XHY128F0VLM Datasheet, PDF (665/802 Pages) Freescale Semiconductor, Inc – S12 Microcontrollers | |||
| |||
| ◁ |
128 KByte Flash Module (S12XFTMR128K1V1)
keys stored in the Flash memory via the Memory Controller. If the keys presented in the Verify Backdoor
Access Key command match the backdoor keys stored in the Flash memory, the SEC bits in the FSEC
register (see Table 19-7) will be changed to unsecure the MCU. Key values of 0x0000 and 0xFFFF are not
permitted as backdoor keys. While the Verify Backdoor Access Key command is active, P-Flash block 0
will not be available for read access and will return invalid data.
The user code stored in the P-Flash memory must have a method of receiving the backdoor keys from an
external stimulus. This external stimulus would typically be through one of the on-chip serial ports.
If the KEYEN[1:0] bits are in the enabled state (see Section 19.2.1.2), the MCU can be unsecured by the
backdoor key access sequence described below:
1. Follow the command sequence for the Verify Backdoor Access Key command as explained in
Section 19.3.2.11
2. If the Verify Backdoor Access Key command is successful, the MCU is unsecured and the
SEC[1:0] bits in the FSEC register are forced to the unsecure state of 10
The Verify Backdoor Access Key command is monitored by the Memory Controller and an illegal key will
prohibit future use of the Verify Backdoor Access Key command. A reset of the MCU is the only method
to re-enable the Verify Backdoor Access Key command.
After the backdoor keys have been correctly matched, the MCU will be unsecured. After the MCU is
unsecured, the sector containing the Flash security byte can be erased and the Flash security byte can be
reprogrammed to the unsecure state, if desired.
In the unsecure state, the user has full control of the contents of the backdoor keys by programming
addresses 0x7F_FF00â0x7F_FF07 in the Flash conï¬guration ï¬eld.
The security as deï¬ned in the Flash security byte (0x7F_FF0F) is not changed by using the Verify
Backdoor Access Key command sequence. The backdoor keys stored in addresses
0x7F_FF00â0x7F_FF07 are unaffected by the Verify Backdoor Access Key command sequence. After the
next reset of the MCU, the security state of the Flash module is determined by the Flash security byte
(0x7F_FF0F). The Verify Backdoor Access Key command sequence has no effect on the program and
erase protections deï¬ned in the Flash protection register, FPROT.
19.4.2 Unsecuring the MCU in Special Single Chip Mode using BDM
The MCU can be unsecured in special single chip mode by erasing the P-Flash and D-Flash memory by
one of the following methods:
⢠Reset the MCU into special single chip mode, delay while the erase test is performed by the BDM,
send BDM commands to disable protection in the P-Flash and D-Flash memory, and execute the
Erase All Blocks command write sequence to erase the P-Flash and D-Flash memory.
⢠Reset the MCU into special expanded wide mode, disable protection in the P-Flash and D-Flash
memory and run code from external memory to execute the Erase All Blocks command write
sequence to erase the P-Flash and D-Flash memory.
After the CCIF ï¬ag sets to indicate that the Erase All Blocks operation has completed, reset the MCU into
special single chip mode. The BDM will execute the Erase Verify All Blocks command write sequence to
verify that the P-Flash and D-Flash memory is erased. If the P-Flash and D-Flash memory are verified as
MC9S12XHY-Family Reference Manual, Rev. 1.01
Freescale Semiconductor
665
|
▷ |
German
Russian
Spanish
Italian
Polish
Chinese
Japanese
Korean
French
Portuguese