Arduino SAMD21 bootloader protection II

At IoT – exploration of LoRaWAN – part 2 I reported some quality issues with two low cost SAMD21 Arduino Zero like boards, and at Arduino SAMD21 bootloader protection some related discussion.

In view of continuing experience of incorrectly programmed low cost SAMD21 boards, I have decided to re-flash them as a matter of course

Above is one of the culprit boards.

The following are the batch and JLink scripts that I use. They are designed to find the current location of a couple of files that have a version number as part of their paths.

@echo off

rem test for command extensions
if "~x0"=="%~x0" goto EXTERROR 
if "%%~x0"=="%~x0" goto EXTERROR
if not CmdExtVersion 2 goto EXTERROR


set BOOTLOADER=samd21_sam_ba
if not #%1==# set BOOTLOADER=%1
set PKGPATH="C:\Users\owen\AppData\Local\Arduino15\packages\arduino\hardware\samd"
set JLINKPATH="D:\Program Files (x86)\SEGGER"

set PREF=%~n0

rem generate a unique workfile name
set /a workfile=%RANDOM%+100000
rem set workfile=%TEMP%\prename-%workfile:~-4%.jls
set workfile=%PREF%-work-%workfile:~-4%.jls
if exist %workfile% goto tryworkfileagain

set JLINK=
rem find the jlink executable
FOR /F "tokens=* USEBACKQ" %%F IN (`where -r %JLINKPATH% jlink.exe`) DO SET JLINK="%%F"
if #%JLINK%==# goto badjlink

set HEX=
rem find the bootloader
FOR /F "tokens=* USEBACKQ" %%F IN (`where -r %PKGPATH% %BOOTLOADER%.hex`) DO SET HEX=%%F
if #%HEX%==# goto badhex

rem copy the script file with variable substitution
for /f "tokens=*" %%a in (%PREF%.jls) do echo %%a >>%workfile%

rem cat %workfile%

echo %JLINK% -Device ATSAMD21G18 -If SWD -Speed 4000 -autoconnect 1 -Log %PREF%.log -CommanderScript %workfile%
%JLINK% -Device ATSAMD21G18 -If SWD -Speed 4000 -autoconnect 1 -Log %PREF%.log -CommanderScript %workfile%

del %workfile%

goto eof

echo Error: cannot find jlink.exe
goto eof

echo Error: cannot find hex file %BOOTLOADER%
goto eof

echo:Error: this script requires command extensions v2 or later!>&2
goto eof



The following is the JLink script.

//display userrow
mem8 0x804000 0x10
//remove boot protection
w1 0x804000 0xff
loadfile !HEX!
// write default userrow with 8k boot protection
w4 0x804000 0xd8e0c7fa
w4 0x804004 0xfffffc5d
w4 0x804008 0xffffffff
w4 0x80400c 0xffffffff
mem8 0x804000 0x10

This process just works reliably and it results in a known current and protected bootloader.