Geehy APM32

From SEGGER Wiki
Jump to navigation Jump to search

The APM32 Series is a family of Cortex-M devices by Geehy. The following article contains information which applies to all members of the product family (e.g. readout protection). Information which is more specific to the respective sub-family (e.g. QSPI programming) is provided in family specific articles.

A list of all Geehy devices supported by SEGGER can be found here. For further information regarding the APM32 product family, please refer to the website and documentation by Geehy.

Device specific connect

Device security

On connect, the device security is checked. If security is set (and recoverable) the user is asked if they want security to be lifted. If the user agrees, security is lifted by J-Link (if possible).

  • The device is briefly halted while checking security. This is done because in some cases, device security might be detected wrongly while the device is running.
  • In most cases, unsecuring the device causes a mass erase of the flash.
  • It is possible to save the selection of the unlock dialog. To reset this, please refer to: Reset unlock message box.

MCU Security

The APM32 series devices provide option bytes which allow "permanent" configuration as well as readout protection for the device. In order to enable or disable readout protection, a sequence of multiple read / write accesses to special function registers of the APM32 MCU has to be performed. The sequence is different for each sub-family of the APM32 device series and is described in the respective reference manual of the device. A list of example J-Link commander files and J-Flash projects which enable the readout protection of an APM32 device is provided below. Please note that the provided files serves as an example / proof of concept. A user may alter them in order to suit their specific use case, e.g. using smaller timeouts, programming other values, etc.

Disabling readout protection

J-Link Commander and J-Flash

J-Link Commander and J-Flash automatically detect secured APM32 devices and ask the user if it should be unlocked.

Enabling readout protection

All provided J-Link Commander command files and J-Flash projects set the read out protection to level 1 (ROP == Level 1). In order to set ROP Level 2, the value "0xBB" needs to be changed to "0xCC" where indicated in the command file / Exit steps of the J-Flash project. Please note that ROP Level 2 is permanent and can neither be reverted by SEGGER nor by Geehy.

Device Table

APM32 series overview
Sub-Family Core J-Link Commander and J-Flash:
native Unlock support
J-Link Commander:
Lock via command file
Lock project
APM32E103 Cortex-M3 YES.png APM32E103_Lock.jlink APM32E103_Lock.jflash
APM32F003 Cortex-M0+ YES.png APM32F003_Lock.jlink APM32F003_Lock.jflash
APM32F030 Cortex-M0+ YES.png APM32F030_Lock.jlink APM32F030_Lock.jflash
APM32F035 Cortex-M0+ YES.png APM32F035_Lock.jlink APM32F035_Lock.jflash
APM32F051 Cortex-M0+ YES.png APM32F051_Lock.jlink APM32F051_Lock.jflash
APM32F072 Cortex-M0+ YES.png APM32F072_Lock.jlink APM32F072_Lock.jflash
APM32F091 Cortex-M0+ YES.png APM32F091_Lock.jlink APM32F091_Lock.jflash
APM32F103 Cortex-M3 YES.png APM32F103_Lock.jlink APM32F103_Lock.jflash
APM32F407 Cortex-M4 YES.png APM32F407_Lock.jlink APM32F407_Lock.jflash
APM32F411 Cortex-M4 YES.png APM32F411_Lock.jlink APM32F411_Lock.jflash
Some APM32 devices require a power-on reset if the read out protection is set and the debugger is still connected through JTAG/SWD.

All command files and J-Flash projects have a specific MCU selected. For the sole purpose of locking the device via J-Link commander changing of the device name is not necessary, but it is mandatory to change the device name to the actual device used when using J-Flash or doing any flash programming in J-Link commander.

Please note that securing a device via J-Link command files is limited in a way that interpretation of return values, if / else branches etc. are not available. Therefore, production programming and securing of devices can only be done with J-Flash or the J-Link SDK. In any case, it is the responsibility of the user to verify that the required read out protection is active before the programming device leaves the production facility.