7 loader access control, 2 .6 .7 loader access control -22 – Maxim Integrated MAXQ622 User Manual

MAXQ612/MAXQ622 User’s Guide

2-22

Maxim Integrated

2.6.7 Loader Access Control

As stated previously, the MAXQ612/MAXQ622 have three memory regions: system, user loader, and application . The
loader maintains a context register to determine which of the regions is to be the target of the loader commands . Family
0 and Family F commands have no context . They are global in scope . For details on the nonparty-specific loader com-
mands, refer to Application Note 4012: Implementing a JTAG Bootloader Master for the MAXQ2000 Microcontroller .
There are two Family F loader commands specific to the MAXQ612/MAXQ622:

Command 0xF0: GetContext

Input : None

Output : Context Byte – 00x00, SystemContext; 0x01, LoaderContext; 0x2, ApplicationContext

Command 0xF1” SetContext

Input : Context Byte – 0x00, SystemContext; 0x01, LoaderContext; 0x02, ApplicationContext

Output : Sets Error Code (retrieved using Getstatus bootloader command)

The bootloader sets a default context based on the lowest privileged region that exists . The default context is selected
according to the following rules:

If all three regions exist:

The user application context (UAPP_CONTEXT) .

If only system and user application regions exist:

The user application context .

If only system and user loader regions exist:

The user loader context (ULDR_CONTEXT) .

If only the system region exists:

The system context (SYSTEM)CONTEXT) . Only the default context will have its password tested and

corresponding PWL bit cleared . The context can be changed through the Family F commands shown above, but the
password for the new region is not tested after a context change and, therefore, a password match loader command
must be sent to clear the password lock bit of the associated region even if the password for that region is clear .
If the system password has not been set, memory protection is disabled by the ROM . If word address 000Eh in the
system code region is programmed (any value other than 0xFFFF), the debug lockout condition is set by setting
SC .DBGLCK to 1 (all debug functions are disabled) .
The “current context” is used by the loader to determine how to apply master erase and password-protected loader
commands . The master erase command erases pages starting at the base address of the current context and all
pages with addresses greater than the base address . Password-protected commands check the password lock bit of
the current region . The unlock password command uses the password from the current region (indicated by the current
context) to determine the state of the current region password lock .
The loader provides several commands that require a password and a master erase command that does not .
All password-protected commands check the following:
• System password match: Access to full memory
• Loader password match: Access to user memory
• Application password match: Access to user application memory
• No match: No access
Three PWL bits allow the loader to find out whether a password match was successful . The PWL bits for system and
user loader can only be written by utility ROM code (see Section 15.2 Password-Protected Access) .
Master erase does not require a password and defaults to erasing the user application only . Two Family F commands
are added that allow master erase of user loader and system code:
• Master erase system: Complete system erase .
• Master erase user loader: Erases user loader and user application.