ColdFire Flash Module (CFM)
MCF52211 ColdFire® Integrated Microcontroller Reference Manual, Rev. 2
Freescale Semiconductor 18-31
18.4.3.2 Blank Check
A secured CFM can be unsecured by verifying that the entire flash memory is erased. If required, the mass
erase command can be executed on the flash memory. The blank check command must then be executed
on the flash memory. The CFM is unsecured if the blank check operation determines that the entire flash
memory is erased. After the next reset sequence, the security state of the CFM is determined by the flash
security word at address offset 0x0414. For further details on security, see the MCU security specification.
18.4.3.3 JTAG Lockout Recovery
A secured CFM can be unsecured by mass erasing the flash memory via a sequence of JTAG commands,
as specified in the system level security documentation followed by a reset of the MCU.
18.4.3.4 EzPort Lockout Recovery
A secured CFM can also be unsecured by mass erasing the flash memory via the EzPort bulk erase (BE)
command. Doing so clears the flash security (FS) bit in the EzPort status register , after which a reset chip
(RESET) command can be issued to regain access to the device.