Pages: [1]   Go Down
Author Topic: Protect Sketch from being Read  (Read 1108 times)
0 Members and 1 Guest are viewing this topic.
Offline Offline
Jr. Member
**
Karma: 0
Posts: 61
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

Ok i have looked around, and found that the sketch on the ATMEGA can be downloaded ( machine language not compile ) and can be put in another arduino.
I should avoid that. Can someone help me in a step to step explaination?
I'v undestood that only if i have an ISP i can set the fuse of the Atmega to avoid reading from external sources.
Are there any link i can read some info about this process? The software not the hardware.
Actually i'm using ATMEGA1280.

Hope someone can help me, but thanks anyway if you read trough here.
Logged

UK, Southwest
Offline Offline
Full Member
***
Karma: 5
Posts: 138
Arduino rocks
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

You need to read the ATMEL spec for the processor to see what fuses you need to change.

You will need an ISP, and there are plenty of posts on the forum about the various sorts of ISPs.  I use a arduino board clone that has links on it to allow ISP processing, I got it off ebay for less then £20.  You can also use some arduinos if you cut a track.

Once you have the ISP, the next step to find information is just to press shift when you download a sketch (this is not using the ISP, its just to find out where avrdude).  This shows the processes going on, and the one you will be interested in is avrdude.  The output will show on your system where avrdude is.

Then you need to run avrdude with no options, and read the documentation on that.  One of the things avrdude will do is write to the fuses. On my system the command to write a sketch with an ISP was:
$/home/roger/arduino-0022/hardware/tools/avrdude -C/home/roger/arduino-0022/hardware/tools/avrdude.conf -v -v -v -v -patmega168 -cstk500v1 -P/dev/ttyUSB0 -b19200 -D -Uflash:w:/tmp/build5814928292371967035.tmp/Blink.cpp.hex:i

The command to write a fuse will be similar but with the -U something like  -Ulofuse:w:AA

I would recommend that you buy a few processors, because I bet you will lock up a few.
« Last Edit: May 06, 2012, 01:31:54 pm by shelleycat » Logged

Switzerland
Offline Offline
Sr. Member
****
Karma: 6
Posts: 375
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

After uploading yor sketch, you need an ISP programmer to set the lock bits.  Something like the following will lock the chip from further programming.  Beware, this will block writing as well as reading.

Code:
ide\tools\avr\bin\avrdude -C ide\tools\avr\etc\avrdude.conf -p atmega328 -P com1 -b 19200 -c stk500v1 -v -u -U lock:w:0x00:m
Logged

Global Moderator
Netherlands
Offline Offline
Shannon Member
*****
Karma: 217
Posts: 13705
In theory there is no difference between theory and practice, however in practice there are many...
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset


from the AVRDUDE manual - http://nongnu.askapache.com/avrdude/avrdude-doc-5.5.pdf - page 21

Writing lock bits is supported, but is restricted to
the boot lock bits (BLBxx). These are restrictions imposed by the underlying SPM
instruction that is used to program the device from inside the boot loader. Note that
programming the boot lock bits can result in a “shoot-into-your-foot” scenario as the
only way to unprogram these bits is a chip erase, which will also erase the boot loader
code.


don't know for sure if this applies to all processors but as I read it I think you can revitalize locked up 328's. [still buy some extra]

Logged

Rob Tillaart

Nederlandse sectie - http://arduino.cc/forum/index.php/board,77.0.html -
(Please do not PM for private consultancy)

Pittsburgh, PA, USA
Offline Offline
Faraday Member
**
Karma: 98
Posts: 4807
I learn a bit every time I visit the forum.
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

A high voltage programmer can clear the MCU.

I'm wondering if the bootloader sets any fuses limiting writing to flash when a sketch has been uploaded?

Logged

I find it harder to express logic in English than in Code.
Sometimes an example says more than many times as many words.

Switzerland
Offline Offline
Sr. Member
****
Karma: 6
Posts: 375
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

Hmm, it does sound like fully-locked processors can still be erased, and perhaps even by the bootloader.  Who's going to try it?

As for setting the lock bits ... I think the Uno's Optiboot bootloader cannot do this at all - even the BLBxx bits.  I don't know about the other Arduino bootloaders.  The fuses cannot be changed by any bootloader.
Logged

Global Moderator
Offline Offline
Brattain Member
*****
Karma: 484
Posts: 18768
Lua rocks!
View Profile
WWW
 Bigger Bigger  Smaller Smaller  Reset Reset

Looks like if you lock the flash from being verified (read) then you can only recover with a chip erase (which of course discards the flash memory).

If you also disable SPI programming then you would need the high-voltage programmer (eg. AVR Dragon) to recover.

Logged


Pittsburgh, PA, USA
Offline Offline
Faraday Member
**
Karma: 98
Posts: 4807
I learn a bit every time I visit the forum.
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

I was more wondering if some part of the process would leave the RWW flash write-locked. Like after a sketch has been loaded.

If not then I think it may be possible for a routine in bootloader flash to write records to application flash, a 3k data logger program on a 328p could have better than 24k storage around 10,000 times which ain't bad for a few bucks.

AMForth does write to flash while running which they say about why they use no bootloader:
 
Quote
this can only be changed for bootloaders with an application usable API to use the flash self programming feature. There are none currently available.

I'm just interested in writing data to flash ATM.

When I was reading on lock bits I see a note about running interrupts in SPM being lockable which leaves the question of running unlocked, can code in SPM be called or triggered to copy SRAM contents into a record in flash?

Logged

I find it harder to express logic in English than in Code.
Sometimes an example says more than many times as many words.

Pittsburgh, PA, USA
Offline Offline
Faraday Member
**
Karma: 98
Posts: 4807
I learn a bit every time I visit the forum.
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

Looks like if you lock the flash from being verified (read) then you can only recover with a chip erase (which of course discards the flash memory).

 smiley-mr-green secrets stay secret

Quote
If you also disable SPI programming then you would need the high-voltage programmer (eg. AVR Dragon) to recover.

Interesting. You can be safe and still able to reprogram with cheap hardware.

Does SPIEN only enable SPI programming, because SPIEN looks at me and says SPI Enable. It doesn't turn all SPI off to have that bit = 1 does it? And no, I wouldn't mess with it.  smiley

Logged

I find it harder to express logic in English than in Code.
Sometimes an example says more than many times as many words.

Global Moderator
Offline Offline
Brattain Member
*****
Karma: 484
Posts: 18768
Lua rocks!
View Profile
WWW
 Bigger Bigger  Smaller Smaller  Reset Reset

That's right, only the ICSP programming, which uses SPI.

No doubt you can still use SPI in your program.
Logged


Offline Offline
Jr. Member
**
Karma: 0
Posts: 61
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

I really thank you all for all your answer.

I think i will use another arduino as an ISP programmer.
for now i will download avr program and then, when i'll start to get some familiar, i will post here my question.
Ther's one thing i didnt get, when i lock the arduino memory, can i reprogram without any other hardware?
Logged

Anchorage, AK
Offline Offline
Edison Member
*
Karma: 42
Posts: 1176
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

To sum up, and hopefully clarify:

You can set a simple fuse (check the datasheet for your particular chip so see which) that prevents the flash from being read.  You can still erase the chip and write new code, you just can't read back the code that's already there.  (This is a code protection feature, and sounds like what you want.)

You can also lock the chip from being programmable by SPI at all -- no reading, no writing.  Poor-man's write-once.  This can still be undone with a high-voltage programmer, but it's a bit more trouble.  (This is meant to prevent any changes whatsoever, and sounds like overkill for what you want.)
Logged

Pages: [1]   Go Up
Jump to: