Missing bootloader command

Elmue · ‎2026-05-19

The AN3156 explains on page 18 the Read Unprotect Command:

This command is selected when wValue = 0 and the first byte of the buffer sent by the host
is 0x92. The buffer length is only one (the command) byte.
The host sends a DFU_DNLOAD request with the above parameters to remove the read
protection of the internal flash memory.

It is very useful that you implemented a command to remove the read protection.
But this is useless if there is also a write protection active.
The user has no way to remove a write protection over the DFU protocol.

Why does this command not remove both: The read protection AND the write protection at the same time?
Why does STM implement nothing that allows to remove a write protection ?

STOne-32 · ‎2026-05-24

Dear @Elmue ,

Thank you for the feedback, indeed that command can be successful only if Write protections are also removed and handled by the bootloader embedded code in system memory to check in background else it will fail. We will check and back to you .
Regards,

STOne-32

Elmue · ‎2026-05-25

If you already look into the bootloader, please also fix this ugly bug:

https://community.st.com/t5/stm32-mcus-products/bif-fat-ugly-bug-in-stm32g0b1-bootloader/m-p/899414#M295555

FBL · ‎2026-05-25

Hi @Elmue @STOne-32

An internal ticket is submitted to dedicated team to clarify scope of this read unprotect command. For internal reference CDM0062909

To give better visibility on the answered topics, please click on Accept as Solution on the reply which solved your issue or answered your question.

Best regards,
FBL