fw/nrf52: Use UICR to simulate OTP on nRF5 platforms. [FIRM-35] #177
+95
−41
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
nRF5 doesn't actually have true one-time programmable memory, but it does have some memory that is separate from the user program and some memory that is separate from the external SPI flash, called UICR. UICR can still be erased, and it is vaguely possible to accidentally erase it with OpenOCD's nrf52_recover command... but all that said, this is probably the most reasonable place to put serial numbers. (Pebble serial numbers are neither read-protected nor forgery-proof: they are not signed at manufacture. So if a user wants to mess with their hardware in a way that might need nrf52_recover'ing, then it may not be a bad idea in the future to provide a tool in this repository to back up and restore the UICR.) Tested by building PRF and using 'serial read', 'pcbaserial write', 'hwver write' commands. Note that since asterix is still treated as IS_BIGBOARD, main.c tries to assign it a serial number on boot! Signed-off-by: Joshua Wise <[email protected]>
|
Thanks for the PR on this, initially looks good. I’ll take some time to analyze what we need to store, if something is missing, etc. before merging. |
|
I've found that our QSPI flash has true OTP registers (see security registers here https://www.gigadevice.com.cn/Public/Uploads/uploadfile/files/20220714/DS-00619-GD25LE255E-Rev1.2.pdf). I think it'll be safer to use those so stuff like S/N can never be erased from a unit. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
nRF5 doesn't actually have true one-time programmable memory, but it does have some memory that is separate from the user program and some memory that is separate from the external SPI flash, called UICR. UICR can still be erased, and it is vaguely possible to accidentally erase it with OpenOCD's nrf52_recover command... but all that said, this is probably the most reasonable place to put serial numbers. (Pebble serial numbers are neither read-protected nor forgery-proof: they are not signed at manufacture. So if a user wants to mess with their hardware in a way that might need nrf52_recover'ing, then it may not be a bad idea in the future to provide a tool in this repository to back up and restore the UICR.)
Tested by building PRF and using 'serial read', 'pcbaserial write', 'hwver write' commands. Note that since asterix is still treated as IS_BIGBOARD, main.c tries to assign it a serial number on boot!