Closed anvol closed 6 years ago
Agreed. Though it is easy to do with OpenOCD, it should be documented and/or done by firmware on first run.
Partly fixed (in readme) by 871eb2f506e44f1140241e894dd5fff1f755bad8
Build with:
make TARGET=BLUE_PILL ENFORCE_DEBUG_LOCK=1
to enable RDP automatically
The Read Out Protection is a global Flash memory read protection allowing the embedded firmware code to be protected against copy, reverse engineering, dumping using debug tools or other means of intrusive attack. This protection should be set by the user after the binary code is loaded to the embedded Flash memory.
When the read protection level 1 is activated, no access (read, erase, and program) to Flash memory or backup SRAM can be performed via debug features such as Serial Wire or JTAG, even while booting from SRAM or system memory bootloader. However, when booting from Flash memory, accesses to this memory and to backup SRAM from user code are allowed. Any read request to the protected Flash memory generates a bus error. Disabling RDP level 1 protection by re-programming RDP option byte to level 0 leads to a mass erase.
RDP must be set to Level 1 right after flashing firmware or on the first run. I think that verify&fix RDP at firmware level is more error-free. We can set OptionBits in the following way at first run (STM32 HAL used)