xref: /openbmc/u-boot/cmd/otp.c (revision 3ba98ed8)
1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3  * Copyright 2021 Aspeed Technology Inc.
4  */
5 
6 #include <stdlib.h>
7 #include <common.h>
8 #include <console.h>
9 #include <bootretry.h>
10 #include <cli.h>
11 #include <command.h>
12 #include <console.h>
13 #include <malloc.h>
14 #include <inttypes.h>
15 #include <mapmem.h>
16 #include <asm/io.h>
17 #include <linux/compiler.h>
18 #include <linux/iopoll.h>
19 #include <u-boot/sha256.h>
20 #include <u-boot/sha512.h>
21 #include <u-boot/rsa.h>
22 #include <u-boot/rsa-mod-exp.h>
23 #include <dm.h>
24 #include "otp_info.h"
25 
26 DECLARE_GLOBAL_DATA_PTR;
27 
28 #define OTP_VER				"2.0.0"
29 
30 #define OTP_PASSWD			0x349fe38a
31 #define RETRY				20
32 #define OTP_REGION_STRAP		BIT(0)
33 #define OTP_REGION_CONF			BIT(1)
34 #define OTP_REGION_DATA			BIT(2)
35 
36 #define OTP_USAGE			-1
37 #define OTP_FAILURE			-2
38 #define OTP_SUCCESS			0
39 
40 #define OTP_PROG_SKIP			1
41 
42 #define OTP_KEY_TYPE_RSA_PUB		1
43 #define OTP_KEY_TYPE_RSA_PRIV		2
44 #define OTP_KEY_TYPE_AES		3
45 #define OTP_KEY_TYPE_VAULT		4
46 #define OTP_KEY_TYPE_HMAC		5
47 
48 #define OTP_LIT_END			0
49 #define OTP_BIG_END			1
50 
51 #define OTP_BASE		0x1e6f2000
52 #define OTP_PROTECT_KEY		OTP_BASE
53 #define OTP_COMMAND		OTP_BASE + 0x4
54 #define OTP_TIMING		OTP_BASE + 0x8
55 #define OTP_ADDR		OTP_BASE + 0x10
56 #define OTP_STATUS		OTP_BASE + 0x14
57 #define OTP_COMPARE_1		OTP_BASE + 0x20
58 #define OTP_COMPARE_2		OTP_BASE + 0x24
59 #define OTP_COMPARE_3		OTP_BASE + 0x28
60 #define OTP_COMPARE_4		OTP_BASE + 0x2c
61 #define SW_REV_ID0		OTP_BASE + 0x68
62 #define SW_REV_ID1		OTP_BASE + 0x6c
63 #define SEC_KEY_NUM		OTP_BASE + 0x78
64 
65 #define OTP_MAGIC		"SOCOTP"
66 #define CHECKSUM_LEN		64
67 #define OTP_INC_DATA		BIT(31)
68 #define OTP_INC_CONFIG		BIT(30)
69 #define OTP_INC_STRAP		BIT(29)
70 #define OTP_ECC_EN		BIT(28)
71 #define OTP_INC_SCU_PRO		BIT(25)
72 #define OTP_REGION_SIZE(info)	((info >> 16) & 0xffff)
73 #define OTP_REGION_OFFSET(info)	(info & 0xffff)
74 #define OTP_IMAGE_SIZE(info)	(info & 0xffff)
75 
76 #define OTP_A0		0
77 #define OTP_A1		1
78 #define OTP_A2		2
79 #define OTP_A3		3
80 
81 #define ID0_AST2600A0	0x05000303
82 #define ID1_AST2600A0	0x05000303
83 #define ID0_AST2600A1	0x05010303
84 #define ID1_AST2600A1	0x05010303
85 #define ID0_AST2600A2	0x05010303
86 #define ID1_AST2600A2	0x05020303
87 #define ID0_AST2600A3	0x05030303
88 #define ID1_AST2600A3	0x05030303
89 #define ID0_AST2620A1	0x05010203
90 #define ID1_AST2620A1	0x05010203
91 #define ID0_AST2620A2	0x05010203
92 #define ID1_AST2620A2	0x05020203
93 #define ID0_AST2620A3	0x05030203
94 #define ID1_AST2620A3	0x05030203
95 #define ID0_AST2620A3	0x05030203
96 #define ID1_AST2620A3	0x05030203
97 #define ID0_AST2605A2	0x05010103
98 #define ID1_AST2605A2	0x05020103
99 #define ID0_AST2605A3	0x05030103
100 #define ID1_AST2605A3	0x05030103
101 #define ID0_AST2625A3	0x05030403
102 #define ID1_AST2625A3	0x05030403
103 
104 #define SOC_AST2600A0	0
105 #define SOC_AST2600A1	1
106 #define SOC_AST2600A2	2
107 #define SOC_AST2600A3	3
108 
109 #define OTPTOOL_VERSION(a, b, c) (((a) << 24) + ((b) << 12) + (c))
110 #define OTPTOOL_VERSION_MAJOR(x) (((x) >> 24) & 0xff)
111 #define OTPTOOL_VERSION_PATCHLEVEL(x) (((x) >> 12) & 0xfff)
112 #define OTPTOOL_VERSION_SUBLEVEL(x) ((x) & 0xfff)
113 #define OTPTOOL_COMPT_VERSION 2
114 
115 struct otp_header {
116 	u8	otp_magic[8];
117 	u32	soc_ver;
118 	u32	otptool_ver;
119 	u32	image_info;
120 	u32	data_info;
121 	u32	config_info;
122 	u32	strap_info;
123 	u32	scu_protect_info;
124 	u32	checksum_offset;
125 } __packed;
126 
127 struct otpstrap_status {
128 	int value;
129 	int option_array[7];
130 	int remain_times;
131 	int writeable_option;
132 	int protected;
133 };
134 
135 struct otpkey_type {
136 	int value;
137 	int key_type;
138 	int order;
139 	int need_id;
140 	char *information;
141 };
142 
143 struct otp_pro_sts {
144 	char mem_lock;
145 	char pro_key_ret;
146 	char pro_strap;
147 	char pro_conf;
148 	char pro_data;
149 	char pro_sec;
150 	u32 sec_size;
151 };
152 
153 struct otp_info_cb {
154 	int version;
155 	char ver_name[3];
156 	const struct otpstrap_info *strap_info;
157 	int strap_info_len;
158 	const struct otpconf_info *conf_info;
159 	int conf_info_len;
160 	const struct otpkey_type *key_info;
161 	int key_info_len;
162 	const struct scu_info *scu_info;
163 	int scu_info_len;
164 	struct otp_pro_sts pro_sts;
165 };
166 
167 struct otp_image_layout {
168 	int data_length;
169 	int conf_length;
170 	int strap_length;
171 	int scu_pro_length;
172 	u8 *data;
173 	u8 *data_ignore;
174 	u8 *conf;
175 	u8 *conf_ignore;
176 	u8 *strap;
177 	u8 *strap_pro;
178 	u8 *strap_ignore;
179 	u8 *scu_pro;
180 	u8 *scu_pro_ignore;
181 };
182 
183 struct sb_info {
184 	int header_offset;
185 	int secure_region;
186 	int rsa_algo;
187 	int sha_algo;
188 	int digest_len;
189 	int retire_list[8];
190 	int enc_flag;
191 };
192 
193 struct key_list {
194 	const struct otpkey_type *key_info;
195 	int offset;
196 	int id;
197 	int retire;
198 };
199 
200 struct sb_header {
201 	u32 aes_data_offset;
202 	u32 enc_offset;
203 	u32 sign_image_size;
204 	u32 signature_offset;
205 	u32 revision_low;
206 	u32 revision_high;
207 	u32 reserved;
208 	u32 bl1_header_checksum;
209 };
210 
211 static struct otp_info_cb info_cb;
212 
213 static const struct otpkey_type a0_key_type[] = {
214 	{0, OTP_KEY_TYPE_AES,       OTP_LIT_END, 0, "AES-256 as OEM platform key for image encryption/decryption"},
215 	{1, OTP_KEY_TYPE_VAULT,     OTP_LIT_END, 0, "AES-256 as secret vault key"},
216 	{4, OTP_KEY_TYPE_HMAC,      OTP_LIT_END, 1, "HMAC as encrypted OEM HMAC keys in Mode 1"},
217 	{8, OTP_KEY_TYPE_RSA_PUB,   OTP_LIT_END, 1, "RSA-public as OEM DSS public keys in Mode 2"},
218 	{9, OTP_KEY_TYPE_RSA_PUB,   OTP_LIT_END, 0, "RSA-public as SOC public key"},
219 	{10, OTP_KEY_TYPE_RSA_PUB,  OTP_LIT_END, 0, "RSA-public as AES key decryption key"},
220 	{13, OTP_KEY_TYPE_RSA_PRIV, OTP_LIT_END, 0, "RSA-private as SOC private key"},
221 	{14, OTP_KEY_TYPE_RSA_PRIV, OTP_LIT_END, 0, "RSA-private as AES key decryption key"},
222 };
223 
224 static const struct otpkey_type a1_key_type[] = {
225 	{1, OTP_KEY_TYPE_VAULT,     OTP_LIT_END, 0, "AES-256 as secret vault key"},
226 	{2, OTP_KEY_TYPE_AES,       OTP_LIT_END, 1, "AES-256 as OEM platform key for image encryption/decryption in Mode 2 or AES-256 as OEM DSS keys for Mode GCM"},
227 	{8, OTP_KEY_TYPE_RSA_PUB,   OTP_LIT_END, 1, "RSA-public as OEM DSS public keys in Mode 2"},
228 	{10, OTP_KEY_TYPE_RSA_PUB,  OTP_LIT_END, 0, "RSA-public as AES key decryption key"},
229 	{14, OTP_KEY_TYPE_RSA_PRIV, OTP_LIT_END, 0, "RSA-private as AES key decryption key"},
230 };
231 
232 static const struct otpkey_type a2_key_type[] = {
233 	{1, OTP_KEY_TYPE_VAULT,     OTP_LIT_END, 0, "AES-256 as secret vault key"},
234 	{2, OTP_KEY_TYPE_AES,       OTP_LIT_END, 1, "AES-256 as OEM platform key for image encryption/decryption in Mode 2 or AES-256 as OEM DSS keys for Mode GCM"},
235 	{8, OTP_KEY_TYPE_RSA_PUB,   OTP_LIT_END, 1, "RSA-public as OEM DSS public keys in Mode 2"},
236 	{10, OTP_KEY_TYPE_RSA_PUB,  OTP_LIT_END, 0, "RSA-public as AES key decryption key"},
237 	{14, OTP_KEY_TYPE_RSA_PRIV, OTP_LIT_END, 0, "RSA-private as AES key decryption key"},
238 };
239 
240 static const struct otpkey_type a3_key_type[] = {
241 	{1, OTP_KEY_TYPE_VAULT,     OTP_LIT_END, 0, "AES-256 as secret vault key"},
242 	{2, OTP_KEY_TYPE_AES,       OTP_LIT_END, 1, "AES-256 as OEM platform key for image encryption/decryption in Mode 2 or AES-256 as OEM DSS keys for Mode GCM"},
243 	{8, OTP_KEY_TYPE_RSA_PUB,   OTP_LIT_END, 1, "RSA-public as OEM DSS public keys in Mode 2"},
244 	{9, OTP_KEY_TYPE_RSA_PUB,   OTP_BIG_END, 1, "RSA-public as OEM DSS public keys in Mode 2(big endian)"},
245 	{10, OTP_KEY_TYPE_RSA_PUB,  OTP_LIT_END, 0, "RSA-public as AES key decryption key"},
246 	{11, OTP_KEY_TYPE_RSA_PUB,  OTP_BIG_END, 0, "RSA-public as AES key decryption key(big endian)"},
247 	{12, OTP_KEY_TYPE_RSA_PRIV, OTP_LIT_END, 0, "RSA-private as AES key decryption key"},
248 	{13, OTP_KEY_TYPE_RSA_PRIV, OTP_BIG_END, 0, "RSA-private as AES key decryption key(big endian)"},
249 };
250 
251 static void buf_print(u8 *buf, int len)
252 {
253 	int i;
254 
255 	printf("      00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F\n");
256 	for (i = 0; i < len; i++) {
257 		if (i % 16 == 0)
258 			printf("%04X: ", i);
259 		printf("%02X ", buf[i]);
260 		if ((i + 1) % 16 == 0)
261 			printf("\n");
262 	}
263 	printf("\n");
264 }
265 
266 static int get_dw_bit(u32 *rid, int offset)
267 {
268 	int bit_offset;
269 	int i;
270 
271 	if (offset < 32) {
272 		i = 0;
273 		bit_offset = offset;
274 	} else {
275 		i = 1;
276 		bit_offset = offset - 32;
277 	}
278 	if ((rid[i] >> bit_offset) & 0x1)
279 		return 1;
280 	else
281 		return 0;
282 }
283 
284 static int get_rid_num(u32 *rid)
285 {
286 	int i;
287 	int fz = 0;
288 	int rid_num = 0;
289 	int ret = 0;
290 
291 	for (i = 0; i < 64; i++) {
292 		if (get_dw_bit(rid, i) == 0) {
293 			if (!fz)
294 				fz = 1;
295 
296 		} else {
297 			rid_num++;
298 			if (fz)
299 				ret = OTP_FAILURE;
300 		}
301 	}
302 	if (ret)
303 		return ret;
304 
305 	return rid_num;
306 }
307 
308 static u32 chip_version(void)
309 {
310 	u32 revid0, revid1;
311 
312 	revid0 = readl(ASPEED_REVISION_ID0);
313 	revid1 = readl(ASPEED_REVISION_ID1);
314 
315 	if (revid0 == ID0_AST2600A0 && revid1 == ID1_AST2600A0) {
316 		/* AST2600-A0 */
317 		return OTP_A0;
318 	} else if (revid0 == ID0_AST2600A1 && revid1 == ID1_AST2600A1) {
319 		/* AST2600-A1 */
320 		return OTP_A1;
321 	} else if (revid0 == ID0_AST2600A2 && revid1 == ID1_AST2600A2) {
322 		/* AST2600-A2 */
323 		return OTP_A2;
324 	} else if (revid0 == ID0_AST2600A3 && revid1 == ID1_AST2600A3) {
325 		/* AST2600-A3 */
326 		return OTP_A3;
327 	} else if (revid0 == ID0_AST2620A1 && revid1 == ID1_AST2620A1) {
328 		/* AST2620-A1 */
329 		return OTP_A1;
330 	} else if (revid0 == ID0_AST2620A2 && revid1 == ID1_AST2620A2) {
331 		/* AST2620-A2 */
332 		return OTP_A2;
333 	} else if (revid0 == ID0_AST2620A3 && revid1 == ID1_AST2620A3) {
334 		/* AST2620-A3 */
335 		return OTP_A3;
336 	} else if (revid0 == ID0_AST2605A2 && revid1 == ID1_AST2605A2) {
337 		/* AST2605-A2 */
338 		return OTP_A2;
339 	} else if (revid0 == ID0_AST2605A3 && revid1 == ID1_AST2605A3) {
340 		/* AST2605-A3 */
341 		return OTP_A3;
342 	} else if (revid0 == ID0_AST2625A3 && revid1 == ID1_AST2625A3) {
343 		/* AST2605-A3 */
344 		return OTP_A3;
345 	}
346 	return OTP_FAILURE;
347 }
348 
349 static int wait_complete(void)
350 {
351 	u32 val;
352 	int ret;
353 
354 	udelay(1);
355 	ret = readl_poll_timeout(OTP_STATUS, val, (val & 0x6) == 0x6, 100000);
356 	if (ret)
357 		printf("%s: timeout, SEC14 = 0x%x\n", __func__, val);
358 
359 	return ret;
360 }
361 
362 static void otp_write(u32 otp_addr, u32 data)
363 {
364 	writel(otp_addr, OTP_ADDR); //write address
365 	writel(data, OTP_COMPARE_1); //write data
366 	writel(0x23b1e362, OTP_COMMAND); //write command
367 	wait_complete();
368 }
369 
370 static void otp_soak(int soak)
371 {
372 	if (info_cb.version == OTP_A2 || info_cb.version == OTP_A3) {
373 		switch (soak) {
374 		case 0: //default
375 			otp_write(0x3000, 0x0); // Write MRA
376 			otp_write(0x5000, 0x0); // Write MRB
377 			otp_write(0x1000, 0x0); // Write MR
378 			break;
379 		case 1: //normal program
380 			otp_write(0x3000, 0x1320); // Write MRA
381 			otp_write(0x5000, 0x1008); // Write MRB
382 			otp_write(0x1000, 0x0024); // Write MR
383 			writel(0x04191388, OTP_TIMING); // 200us
384 			break;
385 		case 2: //soak program
386 			otp_write(0x3000, 0x1320); // Write MRA
387 			otp_write(0x5000, 0x0007); // Write MRB
388 			otp_write(0x1000, 0x0100); // Write MR
389 			writel(0x04193a98, OTP_TIMING); // 600us
390 			break;
391 		}
392 	} else {
393 		switch (soak) {
394 		case 0: //default
395 			otp_write(0x3000, 0x0); // Write MRA
396 			otp_write(0x5000, 0x0); // Write MRB
397 			otp_write(0x1000, 0x0); // Write MR
398 			break;
399 		case 1: //normal program
400 			otp_write(0x3000, 0x4021); // Write MRA
401 			otp_write(0x5000, 0x302f); // Write MRB
402 			otp_write(0x1000, 0x4020); // Write MR
403 			writel(0x04190760, OTP_TIMING); // 75us
404 			break;
405 		case 2: //soak program
406 			otp_write(0x3000, 0x4021); // Write MRA
407 			otp_write(0x5000, 0x1027); // Write MRB
408 			otp_write(0x1000, 0x4820); // Write MR
409 			writel(0x041930d4, OTP_TIMING); // 500us
410 			break;
411 		}
412 	}
413 
414 	wait_complete();
415 }
416 
417 static void otp_read_data(u32 offset, u32 *data)
418 {
419 	writel(offset, OTP_ADDR); //Read address
420 	writel(0x23b1e361, OTP_COMMAND); //trigger read
421 	wait_complete();
422 	data[0] = readl(OTP_COMPARE_1);
423 	data[1] = readl(OTP_COMPARE_2);
424 }
425 
426 static void otp_read_conf(u32 offset, u32 *data)
427 {
428 	int config_offset;
429 
430 	config_offset = 0x800;
431 	config_offset |= (offset / 8) * 0x200;
432 	config_offset |= (offset % 8) * 0x2;
433 
434 	writel(config_offset, OTP_ADDR);  //Read address
435 	writel(0x23b1e361, OTP_COMMAND); //trigger read
436 	wait_complete();
437 	data[0] = readl(OTP_COMPARE_1);
438 }
439 
440 static int otp_compare(u32 otp_addr, u32 addr)
441 {
442 	u32 ret;
443 	u32 *buf;
444 
445 	buf = map_physmem(addr, 16, MAP_WRBACK);
446 	printf("%08X\n", buf[0]);
447 	printf("%08X\n", buf[1]);
448 	printf("%08X\n", buf[2]);
449 	printf("%08X\n", buf[3]);
450 	writel(otp_addr, OTP_ADDR); //Compare address
451 	writel(~buf[0], OTP_COMPARE_1); //Compare data 1
452 	writel(~buf[1], OTP_COMPARE_2); //Compare data 2
453 	writel(~buf[2], OTP_COMPARE_3); //Compare data 3
454 	writel(~buf[3], OTP_COMPARE_4); //Compare data 4
455 	writel(0x23b1e363, OTP_COMMAND); //Compare command
456 	wait_complete();
457 	ret = readl(OTP_STATUS); //Compare command
458 	if (ret & 0x1)
459 		return OTP_SUCCESS;
460 	else
461 		return OTP_FAILURE;
462 }
463 
464 static int verify_bit(u32 otp_addr, int bit_offset, int value)
465 {
466 	u32 ret[2];
467 
468 	if (otp_addr % 2 == 0)
469 		writel(otp_addr, OTP_ADDR); //Read address
470 	else
471 		writel(otp_addr - 1, OTP_ADDR); //Read address
472 
473 	writel(0x23b1e361, OTP_COMMAND); //trigger read
474 	wait_complete();
475 	ret[0] = readl(OTP_COMPARE_1);
476 	ret[1] = readl(OTP_COMPARE_2);
477 
478 	if (otp_addr % 2 == 0) {
479 		if (((ret[0] >> bit_offset) & 1) == value)
480 			return OTP_SUCCESS;
481 		else
482 			return OTP_FAILURE;
483 	} else {
484 		if (((ret[1] >> bit_offset) & 1) == value)
485 			return OTP_SUCCESS;
486 		else
487 			return OTP_FAILURE;
488 	}
489 }
490 
491 static u32 verify_dw(u32 otp_addr, u32 *value, u32 *ignore, u32 *compare, int size)
492 {
493 	u32 ret[2];
494 
495 	otp_addr &= ~(1 << 15);
496 
497 	if (otp_addr % 2 == 0)
498 		writel(otp_addr, OTP_ADDR); //Read address
499 	else
500 		writel(otp_addr - 1, OTP_ADDR); //Read address
501 	writel(0x23b1e361, OTP_COMMAND); //trigger read
502 	wait_complete();
503 	ret[0] = readl(OTP_COMPARE_1);
504 	ret[1] = readl(OTP_COMPARE_2);
505 	if (size == 1) {
506 		if (otp_addr % 2 == 0) {
507 			// printf("check %x : %x = %x\n", otp_addr, ret[0], value[0]);
508 			if ((value[0] & ~ignore[0]) == (ret[0] & ~ignore[0])) {
509 				compare[0] = 0;
510 				return OTP_SUCCESS;
511 			}
512 			compare[0] = value[0] ^ ret[0];
513 			return OTP_FAILURE;
514 
515 		} else {
516 			// printf("check %x : %x = %x\n", otp_addr, ret[1], value[0]);
517 			if ((value[0] & ~ignore[0]) == (ret[1] & ~ignore[0])) {
518 				compare[0] = ~0;
519 				return OTP_SUCCESS;
520 			}
521 			compare[0] = ~(value[0] ^ ret[1]);
522 			return OTP_FAILURE;
523 		}
524 	} else if (size == 2) {
525 		// otp_addr should be even
526 		if ((value[0] & ~ignore[0]) == (ret[0] & ~ignore[0]) && (value[1] & ~ignore[1]) == (ret[1] & ~ignore[1])) {
527 			// printf("check[0] %x : %x = %x\n", otp_addr, ret[0], value[0]);
528 			// printf("check[1] %x : %x = %x\n", otp_addr, ret[1], value[1]);
529 			compare[0] = 0;
530 			compare[1] = ~0;
531 			return OTP_SUCCESS;
532 		}
533 		// printf("check[0] %x : %x = %x\n", otp_addr, ret[0], value[0]);
534 		// printf("check[1] %x : %x = %x\n", otp_addr, ret[1], value[1]);
535 		compare[0] = value[0] ^ ret[0];
536 		compare[1] = ~(value[1] ^ ret[1]);
537 		return OTP_FAILURE;
538 	} else {
539 		return OTP_FAILURE;
540 	}
541 }
542 
543 static int otp_prog(u32 otp_addr, u32 prog_bit)
544 {
545 	otp_write(0x0, prog_bit);
546 	writel(otp_addr, OTP_ADDR); //write address
547 	writel(prog_bit, OTP_COMPARE_1); //write data
548 	writel(0x23b1e364, OTP_COMMAND); //write command
549 
550 	return wait_complete();
551 }
552 
553 static int _otp_prog_bit(u32 value, u32 prog_address, u32 bit_offset)
554 {
555 	int prog_bit;
556 
557 	if (prog_address % 2 == 0) {
558 		if (value)
559 			prog_bit = ~(0x1 << bit_offset);
560 		else
561 			return 0;
562 	} else {
563 		if (info_cb.version != OTP_A3)
564 			prog_address |= 1 << 15;
565 		if (!value)
566 			prog_bit = 0x1 << bit_offset;
567 		else
568 			return 0;
569 	}
570 	return otp_prog(prog_address, prog_bit);
571 }
572 
573 static int otp_prog_dc_b(u32 value, u32 prog_address, u32 bit_offset)
574 {
575 	int pass;
576 	int i;
577 	int ret;
578 
579 	otp_soak(1);
580 	ret = _otp_prog_bit(value, prog_address, bit_offset);
581 	if (ret)
582 		return OTP_FAILURE;
583 	pass = 0;
584 
585 	for (i = 0; i < RETRY; i++) {
586 		if (verify_bit(prog_address, bit_offset, value) != 0) {
587 			otp_soak(2);
588 			ret = _otp_prog_bit(value, prog_address, bit_offset);
589 			if (ret)
590 				return OTP_FAILURE;
591 			if (verify_bit(prog_address, bit_offset, value) != 0) {
592 				otp_soak(1);
593 			} else {
594 				pass = 1;
595 				break;
596 			}
597 		} else {
598 			pass = 1;
599 			break;
600 		}
601 	}
602 	if (pass)
603 		return OTP_SUCCESS;
604 
605 	return OTP_FAILURE;
606 }
607 
608 static int otp_prog_dw(u32 value, u32 ignore, u32 prog_address)
609 {
610 	int j, bit_value, prog_bit;
611 	int ret;
612 
613 	for (j = 0; j < 32; j++) {
614 		if ((ignore >> j) & 0x1)
615 			continue;
616 		bit_value = (value >> j) & 0x1;
617 		if (prog_address % 2 == 0) {
618 			if (bit_value)
619 				prog_bit = ~(0x1 << j);
620 			else
621 				continue;
622 		} else {
623 			if (info_cb.version != OTP_A3)
624 				prog_address |= 1 << 15;
625 			if (bit_value)
626 				continue;
627 			else
628 				prog_bit = 0x1 << j;
629 		}
630 		ret = otp_prog(prog_address, prog_bit);
631 		if (ret)
632 			return ret;
633 	}
634 	return 0;
635 }
636 
637 static int otp_prog_verify_2dw(u32 *data, u32 *buf, u32 *ignore_mask, u32 prog_address)
638 {
639 	int pass;
640 	int i;
641 	u32 data0_masked;
642 	u32 data1_masked;
643 	u32 buf0_masked;
644 	u32 buf1_masked;
645 	u32 compare[2];
646 	int ret;
647 
648 	data0_masked = data[0]  & ~ignore_mask[0];
649 	buf0_masked  = buf[0] & ~ignore_mask[0];
650 	data1_masked = data[1]  & ~ignore_mask[1];
651 	buf1_masked  = buf[1] & ~ignore_mask[1];
652 	if (data0_masked == buf0_masked && data1_masked == buf1_masked)
653 		return OTP_SUCCESS;
654 
655 	for (i = 0; i < 32; i++) {
656 		if (((data0_masked >> i) & 0x1) == 1 && ((buf0_masked >> i) & 0x1) == 0)
657 			return OTP_FAILURE;
658 		if (((data1_masked >> i) & 0x1) == 0 && ((buf1_masked >> i) & 0x1) == 1)
659 			return OTP_FAILURE;
660 	}
661 
662 	otp_soak(1);
663 	if (data0_masked != buf0_masked) {
664 		ret = otp_prog_dw(buf[0], ignore_mask[0], prog_address);
665 		if (ret)
666 			return OTP_FAILURE;
667 	}
668 
669 	if (data1_masked != buf1_masked) {
670 		ret = otp_prog_dw(buf[1], ignore_mask[1], prog_address + 1);
671 		if (ret)
672 			return OTP_FAILURE;
673 	}
674 
675 	pass = 0;
676 	for (i = 0; i < RETRY; i++) {
677 		if (verify_dw(prog_address, buf, ignore_mask, compare, 2) != 0) {
678 			otp_soak(2);
679 			if (compare[0] != 0) {
680 				ret = otp_prog_dw(compare[0], ignore_mask[0], prog_address);
681 				if (ret)
682 					return OTP_FAILURE;
683 			}
684 			if (compare[1] != ~0) {
685 				ret = otp_prog_dw(compare[1], ignore_mask[1], prog_address + 1);
686 				if (ret)
687 					return OTP_FAILURE;
688 			}
689 			if (verify_dw(prog_address, buf, ignore_mask, compare, 2) != 0) {
690 				otp_soak(1);
691 			} else {
692 				pass = 1;
693 				break;
694 			}
695 		} else {
696 			pass = 1;
697 			break;
698 		}
699 	}
700 
701 	if (!pass) {
702 		otp_soak(0);
703 		return OTP_FAILURE;
704 	}
705 	return OTP_SUCCESS;
706 }
707 
708 static void otp_strap_status(struct otpstrap_status *otpstrap)
709 {
710 	u32 OTPSTRAP_RAW[2];
711 	int strap_end;
712 	int i, j;
713 
714 	if (info_cb.version == OTP_A0) {
715 		for (j = 0; j < 64; j++) {
716 			otpstrap[j].value = 0;
717 			otpstrap[j].remain_times = 7;
718 			otpstrap[j].writeable_option = -1;
719 			otpstrap[j].protected = 0;
720 		}
721 		strap_end = 30;
722 	} else {
723 		for (j = 0; j < 64; j++) {
724 			otpstrap[j].value = 0;
725 			otpstrap[j].remain_times = 6;
726 			otpstrap[j].writeable_option = -1;
727 			otpstrap[j].protected = 0;
728 		}
729 		strap_end = 28;
730 	}
731 
732 	otp_soak(0);
733 	for (i = 16; i < strap_end; i += 2) {
734 		int option = (i - 16) / 2;
735 
736 		otp_read_conf(i, &OTPSTRAP_RAW[0]);
737 		otp_read_conf(i + 1, &OTPSTRAP_RAW[1]);
738 		for (j = 0; j < 32; j++) {
739 			char bit_value = ((OTPSTRAP_RAW[0] >> j) & 0x1);
740 
741 			if (bit_value == 0 && otpstrap[j].writeable_option == -1)
742 				otpstrap[j].writeable_option = option;
743 			if (bit_value == 1)
744 				otpstrap[j].remain_times--;
745 			otpstrap[j].value ^= bit_value;
746 			otpstrap[j].option_array[option] = bit_value;
747 		}
748 		for (j = 32; j < 64; j++) {
749 			char bit_value = ((OTPSTRAP_RAW[1] >> (j - 32)) & 0x1);
750 
751 			if (bit_value == 0 && otpstrap[j].writeable_option == -1)
752 				otpstrap[j].writeable_option = option;
753 			if (bit_value == 1)
754 				otpstrap[j].remain_times--;
755 			otpstrap[j].value ^= bit_value;
756 			otpstrap[j].option_array[option] = bit_value;
757 		}
758 	}
759 
760 	otp_read_conf(30, &OTPSTRAP_RAW[0]);
761 	otp_read_conf(31, &OTPSTRAP_RAW[1]);
762 	for (j = 0; j < 32; j++) {
763 		if (((OTPSTRAP_RAW[0] >> j) & 0x1) == 1)
764 			otpstrap[j].protected = 1;
765 	}
766 	for (j = 32; j < 64; j++) {
767 		if (((OTPSTRAP_RAW[1] >> (j - 32)) & 0x1) == 1)
768 			otpstrap[j].protected = 1;
769 	}
770 }
771 
772 static int otp_strap_bit_confirm(struct otpstrap_status *otpstrap, int offset, int ibit, int bit, int pbit)
773 {
774 	int prog_flag = 0;
775 
776 	// ignore this bit
777 	if (ibit == 1)
778 		return OTP_SUCCESS;
779 	printf("OTPSTRAP[0x%X]:\n", offset);
780 
781 	if (bit == otpstrap->value) {
782 		if (!pbit) {
783 			printf("    The value is same as before, skip it.\n");
784 			return OTP_PROG_SKIP;
785 		}
786 		printf("    The value is same as before.\n");
787 	} else {
788 		prog_flag = 1;
789 	}
790 	if (otpstrap->protected == 1 && prog_flag) {
791 		printf("    This bit is protected and is not writable\n");
792 		return OTP_FAILURE;
793 	}
794 	if (otpstrap->remain_times == 0 && prog_flag) {
795 		printf("    This bit has no remaining chance to write.\n");
796 		return OTP_FAILURE;
797 	}
798 	if (pbit == 1)
799 		printf("    This bit will be protected and become non-writable.\n");
800 	if (prog_flag)
801 		printf("    Write 1 to OTPSTRAP[0x%X] OPTION[0x%X], that value becomes from 0x%X to 0x%X.\n", offset, otpstrap->writeable_option + 1, otpstrap->value, otpstrap->value ^ 1);
802 
803 	return OTP_SUCCESS;
804 }
805 
806 static int otp_prog_strap_b(int bit_offset, int value)
807 {
808 	struct otpstrap_status otpstrap[64];
809 	u32 prog_address;
810 	int offset;
811 	int ret;
812 
813 	otp_strap_status(otpstrap);
814 
815 	ret = otp_strap_bit_confirm(&otpstrap[bit_offset], bit_offset, 0, value, 0);
816 
817 	if (ret != OTP_SUCCESS)
818 		return ret;
819 
820 	prog_address = 0x800;
821 	if (bit_offset < 32) {
822 		offset = bit_offset;
823 		prog_address |= ((otpstrap[bit_offset].writeable_option * 2 + 16) / 8) * 0x200;
824 		prog_address |= ((otpstrap[bit_offset].writeable_option * 2 + 16) % 8) * 0x2;
825 
826 	} else {
827 		offset = (bit_offset - 32);
828 		prog_address |= ((otpstrap[bit_offset].writeable_option * 2 + 17) / 8) * 0x200;
829 		prog_address |= ((otpstrap[bit_offset].writeable_option * 2 + 17) % 8) * 0x2;
830 	}
831 
832 	return otp_prog_dc_b(1, prog_address, offset);
833 }
834 
835 static int otp_print_conf(u32 offset, int dw_count)
836 {
837 	int i;
838 	u32 ret[1];
839 
840 	if (offset + dw_count > 32)
841 		return OTP_USAGE;
842 	otp_soak(0);
843 	for (i = offset; i < offset + dw_count; i++) {
844 		otp_read_conf(i, ret);
845 		printf("OTPCFG0x%X: 0x%08X\n", i, ret[0]);
846 	}
847 	printf("\n");
848 	return OTP_SUCCESS;
849 }
850 
851 static int otp_print_data(u32 offset, int dw_count)
852 {
853 	int i;
854 	u32 ret[2];
855 
856 	if (offset + dw_count > 2048 || offset % 4 != 0)
857 		return OTP_USAGE;
858 	otp_soak(0);
859 	for (i = offset; i < offset + dw_count; i += 2) {
860 		otp_read_data(i, ret);
861 		if (i % 4 == 0)
862 			printf("%03X: %08X %08X ", i * 4, ret[0], ret[1]);
863 		else
864 			printf("%08X %08X\n", ret[0], ret[1]);
865 	}
866 	printf("\n");
867 	return OTP_SUCCESS;
868 }
869 
870 static int otp_print_strap(int start, int count)
871 {
872 	int i, j;
873 	int remains;
874 	struct otpstrap_status otpstrap[64];
875 
876 	if (start < 0 || start > 64)
877 		return OTP_USAGE;
878 
879 	if ((start + count) < 0 || (start + count) > 64)
880 		return OTP_USAGE;
881 
882 	otp_strap_status(otpstrap);
883 
884 	if (info_cb.version == OTP_A0)
885 		remains = 7;
886 	else
887 		remains = 6;
888 	printf("BIT(hex)  Value  Option           Status\n");
889 	printf("______________________________________________________________________________\n");
890 
891 	for (i = start; i < start + count; i++) {
892 		printf("0x%-8X", i);
893 		printf("%-7d", otpstrap[i].value);
894 		for (j = 0; j < remains; j++)
895 			printf("%d ", otpstrap[i].option_array[j]);
896 		printf("   ");
897 		if (otpstrap[i].protected == 1) {
898 			printf("protected and not writable");
899 		} else {
900 			printf("not protected ");
901 			if (otpstrap[i].remain_times == 0)
902 				printf("and no remaining times to write.");
903 			else
904 				printf("and still can write %d times", otpstrap[i].remain_times);
905 		}
906 		printf("\n");
907 	}
908 
909 	return OTP_SUCCESS;
910 }
911 
912 static void otp_print_revid(u32 *rid)
913 {
914 	int bit_offset;
915 	int i, j;
916 
917 	printf("     0  1  2  3  4  5  6  7  8  9  a  b  c  d  e  f\n");
918 	printf("___________________________________________________\n");
919 	for (i = 0; i < 64; i++) {
920 		if (i < 32) {
921 			j = 0;
922 			bit_offset = i;
923 		} else {
924 			j = 1;
925 			bit_offset = i - 32;
926 		}
927 		if (i % 16 == 0)
928 			printf("%2x | ", i);
929 		printf("%d  ", (rid[j] >> bit_offset) & 0x1);
930 		if ((i + 1) % 16 == 0)
931 			printf("\n");
932 	}
933 }
934 
935 static int otp_print_scu_image(struct otp_image_layout *image_layout)
936 {
937 	const struct scu_info *scu_info = info_cb.scu_info;
938 	u32 *OTPSCU = (u32 *)image_layout->scu_pro;
939 	u32 *OTPSCU_IGNORE = (u32 *)image_layout->scu_pro_ignore;
940 	int i;
941 	u32 scu_offset;
942 	u32 dw_offset;
943 	u32 bit_offset;
944 	u32 mask;
945 	u32 otp_value;
946 	u32 otp_ignore;
947 
948 	printf("SCU     BIT          reg_protect     Description\n");
949 	printf("____________________________________________________________________\n");
950 	for (i = 0; i < info_cb.scu_info_len; i++) {
951 		mask = BIT(scu_info[i].length) - 1;
952 
953 		if (scu_info[i].bit_offset > 31) {
954 			scu_offset = 0x510;
955 			dw_offset = 1;
956 			bit_offset = scu_info[i].bit_offset - 32;
957 		} else {
958 			scu_offset = 0x500;
959 			dw_offset = 0;
960 			bit_offset = scu_info[i].bit_offset;
961 		}
962 
963 		otp_value = (OTPSCU[dw_offset] >> bit_offset) & mask;
964 		otp_ignore = (OTPSCU_IGNORE[dw_offset] >> bit_offset) & mask;
965 
966 		if (otp_ignore == mask)
967 			continue;
968 		else if (otp_ignore != 0)
969 			return OTP_FAILURE;
970 
971 		if (otp_value != 0 && otp_value != mask)
972 			return OTP_FAILURE;
973 
974 		printf("0x%-6X", scu_offset);
975 		if (scu_info[i].length == 1)
976 			printf("0x%-11X", bit_offset);
977 		else
978 			printf("0x%-2X:0x%-6x", bit_offset, bit_offset + scu_info[i].length - 1);
979 		printf("0x%-14X", otp_value);
980 		printf("%s\n", scu_info[i].information);
981 	}
982 	return OTP_SUCCESS;
983 }
984 
985 static void otp_print_scu_info(void)
986 {
987 	const struct scu_info *scu_info = info_cb.scu_info;
988 	u32 OTPCFG[2];
989 	u32 scu_offset;
990 	u32 bit_offset;
991 	u32 reg_p;
992 	u32 length;
993 	int i, j;
994 
995 	otp_soak(0);
996 	otp_read_conf(28, &OTPCFG[0]);
997 	otp_read_conf(29, &OTPCFG[1]);
998 	printf("SCU     BIT   reg_protect     Description\n");
999 	printf("____________________________________________________________________\n");
1000 	for (i = 0; i < info_cb.scu_info_len; i++) {
1001 		length = scu_info[i].length;
1002 		for (j = 0; j < length; j++) {
1003 			if (scu_info[i].bit_offset + j < 32) {
1004 				scu_offset = 0x500;
1005 				bit_offset = scu_info[i].bit_offset + j;
1006 				reg_p = (OTPCFG[0] >> bit_offset) & 0x1;
1007 			} else {
1008 				scu_offset = 0x510;
1009 				bit_offset = scu_info[i].bit_offset + j - 32;
1010 				reg_p = (OTPCFG[1] >> bit_offset) & 0x1;
1011 			}
1012 			printf("0x%-6X", scu_offset);
1013 			printf("0x%-4X", bit_offset);
1014 			printf("0x%-13X", reg_p);
1015 			if (length == 1) {
1016 				printf(" %s\n", scu_info[i].information);
1017 				continue;
1018 			}
1019 
1020 			if (j == 0)
1021 				printf("/%s\n", scu_info[i].information);
1022 			else if (j == length - 1)
1023 				printf("\\ \"\n");
1024 			else
1025 				printf("| \"\n");
1026 		}
1027 	}
1028 }
1029 
1030 static int otp_print_conf_image(struct otp_image_layout *image_layout)
1031 {
1032 	const struct otpconf_info *conf_info = info_cb.conf_info;
1033 	u32 *OTPCFG = (u32 *)image_layout->conf;
1034 	u32 *OTPCFG_IGNORE = (u32 *)image_layout->conf_ignore;
1035 	u32 mask;
1036 	u32 dw_offset;
1037 	u32 bit_offset;
1038 	u32 otp_value;
1039 	u32 otp_ignore;
1040 	int fail = 0;
1041 	int mask_err;
1042 	int rid_num = 0;
1043 	char valid_bit[20];
1044 	int fz;
1045 	int i;
1046 	int j;
1047 
1048 	printf("DW    BIT        Value       Description\n");
1049 	printf("__________________________________________________________________________\n");
1050 	for (i = 0; i < info_cb.conf_info_len; i++) {
1051 		mask_err = 0;
1052 		dw_offset = conf_info[i].dw_offset;
1053 		bit_offset = conf_info[i].bit_offset;
1054 		mask = BIT(conf_info[i].length) - 1;
1055 		otp_value = (OTPCFG[dw_offset] >> bit_offset) & mask;
1056 		otp_ignore = (OTPCFG_IGNORE[dw_offset] >> bit_offset) & mask;
1057 
1058 		if (conf_info[i].value == OTP_REG_VALID_BIT) {
1059 			if (((otp_value + otp_ignore) & mask) != mask) {
1060 				fail = 1;
1061 				mask_err = 1;
1062 			}
1063 		} else {
1064 			if (otp_ignore == mask) {
1065 				continue;
1066 			} else if (otp_ignore != 0) {
1067 				fail = 1;
1068 				mask_err = 1;
1069 			}
1070 		}
1071 
1072 		if (otp_value != conf_info[i].value &&
1073 		    conf_info[i].value != OTP_REG_RESERVED &&
1074 		    conf_info[i].value != OTP_REG_VALUE &&
1075 		    conf_info[i].value != OTP_REG_VALID_BIT)
1076 			continue;
1077 		printf("0x%-4X", dw_offset);
1078 
1079 		if (conf_info[i].length == 1) {
1080 			printf("0x%-9X", conf_info[i].bit_offset);
1081 		} else {
1082 			printf("0x%-2X:0x%-4X",
1083 			       conf_info[i].bit_offset + conf_info[i].length - 1,
1084 			       conf_info[i].bit_offset);
1085 		}
1086 		printf("0x%-10x", otp_value);
1087 
1088 		if (mask_err) {
1089 			printf("Ignore, mask error\n");
1090 			continue;
1091 		}
1092 		if (conf_info[i].value == OTP_REG_RESERVED) {
1093 			printf("Reserved\n");
1094 		} else if (conf_info[i].value == OTP_REG_VALUE) {
1095 			printf(conf_info[i].information, otp_value);
1096 			printf("\n");
1097 		} else if (conf_info[i].value == OTP_REG_VALID_BIT) {
1098 			if (otp_value != 0) {
1099 				for (j = 0; j < 7; j++) {
1100 					if (otp_value & (1 << j))
1101 						valid_bit[j * 2] = '1';
1102 					else
1103 						valid_bit[j * 2] = '0';
1104 					valid_bit[j * 2 + 1] = ' ';
1105 				}
1106 				valid_bit[15] = 0;
1107 			} else {
1108 				strcpy(valid_bit, "0 0 0 0 0 0 0 0\0");
1109 			}
1110 			printf(conf_info[i].information, valid_bit);
1111 			printf("\n");
1112 		} else {
1113 			printf("%s\n", conf_info[i].information);
1114 		}
1115 	}
1116 
1117 	if (OTPCFG[0xa] != 0 || OTPCFG[0xb] != 0) {
1118 		if (OTPCFG_IGNORE[0xa] != 0 && OTPCFG_IGNORE[0xb] != 0) {
1119 			printf("OTP revision ID is invalid.\n");
1120 			fail = 1;
1121 		} else {
1122 			fz = 0;
1123 			for (i = 0; i < 64; i++) {
1124 				if (get_dw_bit(&OTPCFG[0xa], i) == 0) {
1125 					if (!fz)
1126 						fz = 1;
1127 				} else {
1128 					rid_num++;
1129 					if (fz) {
1130 						printf("OTP revision ID is invalid.\n");
1131 						fail = 1;
1132 						break;
1133 					}
1134 				}
1135 			}
1136 		}
1137 		if (fail)
1138 			printf("OTP revision ID\n");
1139 		else
1140 			printf("OTP revision ID: 0x%x\n", rid_num);
1141 		otp_print_revid(&OTPCFG[0xa]);
1142 	}
1143 
1144 	if (fail)
1145 		return OTP_FAILURE;
1146 
1147 	return OTP_SUCCESS;
1148 }
1149 
1150 static int otp_print_conf_info(int input_offset)
1151 {
1152 	const struct otpconf_info *conf_info = info_cb.conf_info;
1153 	u32 OTPCFG[16];
1154 	u32 mask;
1155 	u32 dw_offset;
1156 	u32 bit_offset;
1157 	u32 otp_value;
1158 	char valid_bit[20];
1159 	int i;
1160 	int j;
1161 
1162 	otp_soak(0);
1163 	for (i = 0; i < 16; i++)
1164 		otp_read_conf(i, &OTPCFG[i]);
1165 
1166 	printf("DW    BIT        Value       Description\n");
1167 	printf("__________________________________________________________________________\n");
1168 	for (i = 0; i < info_cb.conf_info_len; i++) {
1169 		if (input_offset != -1 && input_offset != conf_info[i].dw_offset)
1170 			continue;
1171 		dw_offset = conf_info[i].dw_offset;
1172 		bit_offset = conf_info[i].bit_offset;
1173 		mask = BIT(conf_info[i].length) - 1;
1174 		otp_value = (OTPCFG[dw_offset] >> bit_offset) & mask;
1175 
1176 		if (otp_value != conf_info[i].value &&
1177 		    conf_info[i].value != OTP_REG_RESERVED &&
1178 		    conf_info[i].value != OTP_REG_VALUE &&
1179 		    conf_info[i].value != OTP_REG_VALID_BIT)
1180 			continue;
1181 		printf("0x%-4X", dw_offset);
1182 
1183 		if (conf_info[i].length == 1) {
1184 			printf("0x%-9X", conf_info[i].bit_offset);
1185 		} else {
1186 			printf("0x%-2X:0x%-4X",
1187 			       conf_info[i].bit_offset + conf_info[i].length - 1,
1188 			       conf_info[i].bit_offset);
1189 		}
1190 		printf("0x%-10x", otp_value);
1191 
1192 		if (conf_info[i].value == OTP_REG_RESERVED) {
1193 			printf("Reserved\n");
1194 		} else if (conf_info[i].value == OTP_REG_VALUE) {
1195 			printf(conf_info[i].information, otp_value);
1196 			printf("\n");
1197 		} else if (conf_info[i].value == OTP_REG_VALID_BIT) {
1198 			if (otp_value != 0) {
1199 				for (j = 0; j < 7; j++) {
1200 					if (otp_value & (1 << j))
1201 						valid_bit[j * 2] = '1';
1202 					else
1203 						valid_bit[j * 2] = '0';
1204 					valid_bit[j * 2 + 1] = ' ';
1205 				}
1206 				valid_bit[15] = 0;
1207 			} else {
1208 				strcpy(valid_bit, "0 0 0 0 0 0 0 0\0");
1209 			}
1210 			printf(conf_info[i].information, valid_bit);
1211 			printf("\n");
1212 		} else {
1213 			printf("%s\n", conf_info[i].information);
1214 		}
1215 	}
1216 	return OTP_SUCCESS;
1217 }
1218 
1219 static int otp_print_strap_image(struct otp_image_layout *image_layout)
1220 {
1221 	const struct otpstrap_info *strap_info = info_cb.strap_info;
1222 	u32 *OTPSTRAP;
1223 	u32 *OTPSTRAP_PRO;
1224 	u32 *OTPSTRAP_IGNORE;
1225 	int i;
1226 	int fail = 0;
1227 	u32 bit_offset;
1228 	u32 dw_offset;
1229 	u32 mask;
1230 	u32 otp_value;
1231 	u32 otp_protect;
1232 	u32 otp_ignore;
1233 
1234 	OTPSTRAP = (u32 *)image_layout->strap;
1235 	OTPSTRAP_PRO = (u32 *)image_layout->strap_pro;
1236 	OTPSTRAP_IGNORE = (u32 *)image_layout->strap_ignore;
1237 
1238 	printf("BIT(hex)   Value       Protect     Description\n");
1239 	printf("__________________________________________________________________________________________\n");
1240 
1241 	for (i = 0; i < info_cb.strap_info_len; i++) {
1242 		fail = 0;
1243 		if (strap_info[i].bit_offset > 31) {
1244 			dw_offset = 1;
1245 			bit_offset = strap_info[i].bit_offset - 32;
1246 		} else {
1247 			dw_offset = 0;
1248 			bit_offset = strap_info[i].bit_offset;
1249 		}
1250 
1251 		mask = BIT(strap_info[i].length) - 1;
1252 		otp_value = (OTPSTRAP[dw_offset] >> bit_offset) & mask;
1253 		otp_protect = (OTPSTRAP_PRO[dw_offset] >> bit_offset) & mask;
1254 		otp_ignore = (OTPSTRAP_IGNORE[dw_offset] >> bit_offset) & mask;
1255 
1256 		if (otp_ignore == mask)
1257 			continue;
1258 		else if (otp_ignore != 0)
1259 			fail = 1;
1260 
1261 		if (otp_value != strap_info[i].value &&
1262 		    strap_info[i].value != OTP_REG_RESERVED)
1263 			continue;
1264 
1265 		if (strap_info[i].length == 1) {
1266 			printf("0x%-9X", strap_info[i].bit_offset);
1267 		} else {
1268 			printf("0x%-2X:0x%-4X",
1269 			       strap_info[i].bit_offset + strap_info[i].length - 1,
1270 			       strap_info[i].bit_offset);
1271 		}
1272 		printf("0x%-10x", otp_value);
1273 		printf("0x%-10x", otp_protect);
1274 
1275 		if (fail) {
1276 			printf("Ignore mask error\n");
1277 		} else {
1278 			if (strap_info[i].value != OTP_REG_RESERVED)
1279 				printf("%s\n", strap_info[i].information);
1280 			else
1281 				printf("Reserved\n");
1282 		}
1283 	}
1284 
1285 	if (fail)
1286 		return OTP_FAILURE;
1287 
1288 	return OTP_SUCCESS;
1289 }
1290 
1291 static int otp_print_strap_info(int view)
1292 {
1293 	const struct otpstrap_info *strap_info = info_cb.strap_info;
1294 	struct otpstrap_status strap_status[64];
1295 	int i, j;
1296 	int fail = 0;
1297 	u32 bit_offset;
1298 	u32 length;
1299 	u32 otp_value;
1300 	u32 otp_protect;
1301 
1302 	otp_strap_status(strap_status);
1303 
1304 	if (view) {
1305 		printf("BIT(hex) Value  Remains  Protect   Description\n");
1306 		printf("___________________________________________________________________________________________________\n");
1307 	} else {
1308 		printf("BIT(hex)   Value       Description\n");
1309 		printf("________________________________________________________________________________\n");
1310 	}
1311 	for (i = 0; i < info_cb.strap_info_len; i++) {
1312 		otp_value = 0;
1313 		bit_offset = strap_info[i].bit_offset;
1314 		length = strap_info[i].length;
1315 		for (j = 0; j < length; j++) {
1316 			otp_value |= strap_status[bit_offset + j].value << j;
1317 			otp_protect |= strap_status[bit_offset + j].protected << j;
1318 		}
1319 		if (otp_value != strap_info[i].value &&
1320 		    strap_info[i].value != OTP_REG_RESERVED)
1321 			continue;
1322 		if (view) {
1323 			for (j = 0; j < length; j++) {
1324 				printf("0x%-7X", strap_info[i].bit_offset + j);
1325 				printf("0x%-5X", strap_status[bit_offset + j].value);
1326 				printf("%-9d", strap_status[bit_offset + j].remain_times);
1327 				printf("0x%-7X", strap_status[bit_offset + j].protected);
1328 				if (strap_info[i].value == OTP_REG_RESERVED) {
1329 					printf(" Reserved\n");
1330 					continue;
1331 				}
1332 				if (length == 1) {
1333 					printf(" %s\n", strap_info[i].information);
1334 					continue;
1335 				}
1336 
1337 				if (j == 0)
1338 					printf("/%s\n", strap_info[i].information);
1339 				else if (j == length - 1)
1340 					printf("\\ \"\n");
1341 				else
1342 					printf("| \"\n");
1343 			}
1344 		} else {
1345 			if (length == 1) {
1346 				printf("0x%-9X", strap_info[i].bit_offset);
1347 			} else {
1348 				printf("0x%-2X:0x%-4X",
1349 				       bit_offset + length - 1, bit_offset);
1350 			}
1351 
1352 			printf("0x%-10X", otp_value);
1353 
1354 			if (strap_info[i].value != OTP_REG_RESERVED)
1355 				printf("%s\n", strap_info[i].information);
1356 			else
1357 				printf("Reserved\n");
1358 		}
1359 	}
1360 
1361 	if (fail)
1362 		return OTP_FAILURE;
1363 
1364 	return OTP_SUCCESS;
1365 }
1366 
1367 static void _otp_print_key(u32 header, u32 offset, u8 *data)
1368 {
1369 	const struct otpkey_type *key_info_array = info_cb.key_info;
1370 	struct otpkey_type key_info = { .value = -1 };
1371 	int key_id, key_offset, key_type, key_length, exp_length;
1372 	int len = 0;
1373 	int i;
1374 
1375 	key_id = header & 0x7;
1376 	key_offset = header & 0x1ff8;
1377 	key_type = (header >> 14) & 0xf;
1378 	key_length = (header >> 18) & 0x3;
1379 	exp_length = (header >> 20) & 0xfff;
1380 
1381 	printf("\nKey[%d]:\n", offset);
1382 	printf("Header: %x\n", header);
1383 
1384 	for (i = 0; i < info_cb.key_info_len; i++) {
1385 		if (key_type == key_info_array[i].value) {
1386 			key_info = key_info_array[i];
1387 			break;
1388 		}
1389 	}
1390 	if (key_info.value == -1)
1391 		return;
1392 
1393 	printf("Key Type: ");
1394 	printf("%s\n", key_info.information);
1395 
1396 	if (key_info.key_type == OTP_KEY_TYPE_HMAC) {
1397 		printf("HMAC SHA Type: ");
1398 		switch (key_length) {
1399 		case 0:
1400 			printf("HMAC(SHA224)\n");
1401 			break;
1402 		case 1:
1403 			printf("HMAC(SHA256)\n");
1404 			break;
1405 		case 2:
1406 			printf("HMAC(SHA384)\n");
1407 			break;
1408 		case 3:
1409 			printf("HMAC(SHA512)\n");
1410 			break;
1411 		}
1412 	} else if (key_info.key_type == OTP_KEY_TYPE_RSA_PRIV ||
1413 		   key_info.key_type == OTP_KEY_TYPE_RSA_PUB) {
1414 		printf("RSA SHA Type: ");
1415 		switch (key_length) {
1416 		case 0:
1417 			printf("RSA1024\n");
1418 			len = 0x100;
1419 			break;
1420 		case 1:
1421 			printf("RSA2048\n");
1422 			len = 0x200;
1423 			break;
1424 		case 2:
1425 			printf("RSA3072\n");
1426 			len = 0x300;
1427 			break;
1428 		case 3:
1429 			printf("RSA4096\n");
1430 			len = 0x400;
1431 			break;
1432 		}
1433 		printf("RSA exponent bit length: %d\n", exp_length);
1434 	}
1435 	if (key_info.need_id)
1436 		printf("Key Number ID: %d\n", key_id);
1437 	if (!data)
1438 		return;
1439 	printf("Key Value:\n");
1440 	if (key_info.key_type == OTP_KEY_TYPE_HMAC) {
1441 		buf_print(&data[key_offset], 0x40);
1442 	} else if (key_info.key_type == OTP_KEY_TYPE_AES) {
1443 		printf("AES Key:\n");
1444 		buf_print(&data[key_offset], 0x20);
1445 		if (info_cb.version == OTP_A0) {
1446 			printf("AES IV:\n");
1447 			buf_print(&data[key_offset + 0x20], 0x10);
1448 		}
1449 
1450 	} else if (key_info.key_type == OTP_KEY_TYPE_VAULT) {
1451 		if (info_cb.version == OTP_A0) {
1452 			printf("AES Key:\n");
1453 			buf_print(&data[key_offset], 0x20);
1454 			printf("AES IV:\n");
1455 			buf_print(&data[key_offset + 0x20], 0x10);
1456 		} else {
1457 			printf("AES Key 1:\n");
1458 			buf_print(&data[key_offset], 0x20);
1459 			printf("AES Key 2:\n");
1460 			buf_print(&data[key_offset + 0x20], 0x20);
1461 		}
1462 	} else if (key_info.key_type == OTP_KEY_TYPE_RSA_PRIV) {
1463 		printf("RSA mod:\n");
1464 		buf_print(&data[key_offset], len / 2);
1465 		printf("RSA exp:\n");
1466 		buf_print(&data[key_offset + (len / 2)], len / 2);
1467 	} else if (key_info.key_type == OTP_KEY_TYPE_RSA_PUB) {
1468 		printf("RSA mod:\n");
1469 		buf_print(&data[key_offset], len / 2);
1470 		printf("RSA exp:\n");
1471 		buf_print((u8 *)"\x01\x00\x01", 3);
1472 	}
1473 }
1474 
1475 static void otp_print_key(u32 *data)
1476 {
1477 	int i;
1478 	int last;
1479 	u8 *byte_buf;
1480 	int empty;
1481 
1482 	byte_buf = (u8 *)data;
1483 
1484 	empty = 1;
1485 	for (i = 0; i < 16; i++) {
1486 		if (i % 2) {
1487 			if (data[i] != 0xffffffff)
1488 				empty = 0;
1489 		} else {
1490 			if (data[i] != 0)
1491 				empty = 0;
1492 		}
1493 	}
1494 	if (empty) {
1495 		printf("OTP data header is empty\n");
1496 		return;
1497 	}
1498 
1499 	for (i = 0; i < 16; i++) {
1500 		last = (data[i] >> 13) & 1;
1501 		_otp_print_key(data[i], i, byte_buf);
1502 		if (last)
1503 			break;
1504 	}
1505 }
1506 
1507 static int otp_print_data_image(struct otp_image_layout *image_layout)
1508 {
1509 	u32 *buf;
1510 
1511 	buf = (u32 *)image_layout->data;
1512 	otp_print_key(buf);
1513 
1514 	return OTP_SUCCESS;
1515 }
1516 
1517 static void otp_print_key_info(void)
1518 {
1519 	u32 data[2048];
1520 	int i;
1521 
1522 	for (i = 0; i < 2048 ; i += 2)
1523 		otp_read_data(i, &data[i]);
1524 
1525 	otp_print_key(data);
1526 }
1527 
1528 static int otp_prog_data(struct otp_image_layout *image_layout, u32 *data)
1529 {
1530 	int i;
1531 	int ret;
1532 	u32 *buf;
1533 	u32 *buf_ignore;
1534 
1535 	buf = (u32 *)image_layout->data;
1536 	buf_ignore = (u32 *)image_layout->data_ignore;
1537 	printf("Start Programing...\n");
1538 
1539 	// programing ecc region first
1540 	for (i = 1792; i < 2046; i += 2) {
1541 		ret = otp_prog_verify_2dw(&data[i], &buf[i], &buf_ignore[i], i);
1542 		if (ret != OTP_SUCCESS) {
1543 			printf("address: %08x, data: %08x %08x, buffer: %08x %08x, mask: %08x %08x\n",
1544 			       i, data[i], data[i + 1], buf[i], buf[i + 1], buf_ignore[i], buf_ignore[i + 1]);
1545 			return ret;
1546 		}
1547 	}
1548 
1549 	for (i = 0; i < 1792; i += 2) {
1550 		ret = otp_prog_verify_2dw(&data[i], &buf[i], &buf_ignore[i], i);
1551 		if (ret != OTP_SUCCESS) {
1552 			printf("address: %08x, data: %08x %08x, buffer: %08x %08x, mask: %08x %08x\n",
1553 			       i, data[i], data[i + 1], buf[i], buf[i + 1], buf_ignore[i], buf_ignore[i + 1]);
1554 			return ret;
1555 		}
1556 	}
1557 	otp_soak(0);
1558 	return OTP_SUCCESS;
1559 }
1560 
1561 static int otp_prog_strap(struct otp_image_layout *image_layout, struct otpstrap_status *otpstrap)
1562 {
1563 	u32 *strap;
1564 	u32 *strap_ignore;
1565 	u32 *strap_pro;
1566 	u32 prog_address;
1567 	int i;
1568 	int bit, pbit, ibit, offset;
1569 	int fail = 0;
1570 	int ret;
1571 	int prog_flag = 0;
1572 
1573 	strap = (u32 *)image_layout->strap;
1574 	strap_pro = (u32 *)image_layout->strap_pro;
1575 	strap_ignore = (u32 *)image_layout->strap_ignore;
1576 
1577 	for (i = 0; i < 64; i++) {
1578 		prog_address = 0x800;
1579 		if (i < 32) {
1580 			offset = i;
1581 			bit = (strap[0] >> offset) & 0x1;
1582 			ibit = (strap_ignore[0] >> offset) & 0x1;
1583 			pbit = (strap_pro[0] >> offset) & 0x1;
1584 			prog_address |= ((otpstrap[i].writeable_option * 2 + 16) / 8) * 0x200;
1585 			prog_address |= ((otpstrap[i].writeable_option * 2 + 16) % 8) * 0x2;
1586 
1587 		} else {
1588 			offset = (i - 32);
1589 			bit = (strap[1] >> offset) & 0x1;
1590 			ibit = (strap_ignore[1] >> offset) & 0x1;
1591 			pbit = (strap_pro[1] >> offset) & 0x1;
1592 			prog_address |= ((otpstrap[i].writeable_option * 2 + 17) / 8) * 0x200;
1593 			prog_address |= ((otpstrap[i].writeable_option * 2 + 17) % 8) * 0x2;
1594 		}
1595 
1596 		if (ibit == 1)
1597 			continue;
1598 		if (bit == otpstrap[i].value)
1599 			prog_flag = 0;
1600 		else
1601 			prog_flag = 1;
1602 
1603 		if (otpstrap[i].protected == 1 && prog_flag) {
1604 			fail = 1;
1605 			continue;
1606 		}
1607 		if (otpstrap[i].remain_times == 0 && prog_flag) {
1608 			fail = 1;
1609 			continue;
1610 		}
1611 
1612 		if (prog_flag) {
1613 			ret = otp_prog_dc_b(1, prog_address, offset);
1614 			if (ret)
1615 				return OTP_FAILURE;
1616 		}
1617 
1618 		if (pbit != 0) {
1619 			prog_address = 0x800;
1620 			if (i < 32)
1621 				prog_address |= 0x60c;
1622 			else
1623 				prog_address |= 0x60e;
1624 
1625 			ret = otp_prog_dc_b(1, prog_address, offset);
1626 			if (ret)
1627 				return OTP_FAILURE;
1628 		}
1629 	}
1630 	otp_soak(0);
1631 	if (fail == 1)
1632 		return OTP_FAILURE;
1633 	return OTP_SUCCESS;
1634 }
1635 
1636 static int otp_prog_conf(struct otp_image_layout *image_layout, u32 *otp_conf)
1637 {
1638 	int i, k;
1639 	int pass = 0;
1640 	u32 prog_address;
1641 	u32 compare[2];
1642 	u32 *conf = (u32 *)image_layout->conf;
1643 	u32 *conf_ignore = (u32 *)image_layout->conf_ignore;
1644 	u32 data_masked;
1645 	u32 buf_masked;
1646 	int ret;
1647 
1648 	printf("Start Programing...\n");
1649 	otp_soak(0);
1650 	for (i = 0; i < 16; i++) {
1651 		data_masked = otp_conf[i]  & ~conf_ignore[i];
1652 		buf_masked  = conf[i] & ~conf_ignore[i];
1653 		prog_address = 0x800;
1654 		prog_address |= (i / 8) * 0x200;
1655 		prog_address |= (i % 8) * 0x2;
1656 		if (data_masked == buf_masked) {
1657 			pass = 1;
1658 			continue;
1659 		}
1660 
1661 		otp_soak(1);
1662 		ret = otp_prog_dw(conf[i], conf_ignore[i], prog_address);
1663 		if (ret)
1664 			return OTP_FAILURE;
1665 
1666 		pass = 0;
1667 		for (k = 0; k < RETRY; k++) {
1668 			if (verify_dw(prog_address, &conf[i], &conf_ignore[i], compare, 1) != 0) {
1669 				otp_soak(2);
1670 				ret = otp_prog_dw(compare[0], conf_ignore[i], prog_address);
1671 				if (ret)
1672 					return OTP_FAILURE;
1673 				if (verify_dw(prog_address, &conf[i], &conf_ignore[i], compare, 1) != 0) {
1674 					otp_soak(1);
1675 				} else {
1676 					pass = 1;
1677 					break;
1678 				}
1679 			} else {
1680 				pass = 1;
1681 				break;
1682 			}
1683 		}
1684 		if (pass == 0) {
1685 			printf("address: %08x, otp_conf: %08x, input_conf: %08x, mask: %08x\n",
1686 			       i, otp_conf[i], conf[i], conf_ignore[i]);
1687 			break;
1688 		}
1689 	}
1690 
1691 	otp_soak(0);
1692 	if (!pass)
1693 		return OTP_FAILURE;
1694 
1695 	return OTP_SUCCESS;
1696 }
1697 
1698 static int otp_prog_scu_protect(struct otp_image_layout *image_layout, u32 *scu_pro)
1699 {
1700 	int i, k;
1701 	int pass = 0;
1702 	u32 prog_address;
1703 	u32 compare[2];
1704 	u32 *OTPSCU = (u32 *)image_layout->scu_pro;
1705 	u32 *OTPSCU_IGNORE = (u32 *)image_layout->scu_pro_ignore;
1706 	u32 data_masked;
1707 	u32 buf_masked;
1708 	int ret;
1709 
1710 	printf("Start Programing...\n");
1711 	otp_soak(0);
1712 	for (i = 0; i < 2; i++) {
1713 		data_masked = scu_pro[i]  & ~OTPSCU_IGNORE[i];
1714 		buf_masked  = OTPSCU[i] & ~OTPSCU_IGNORE[i];
1715 		prog_address = 0xe08 + i * 2;
1716 		if (data_masked == buf_masked) {
1717 			pass = 1;
1718 			continue;
1719 		}
1720 
1721 		otp_soak(1);
1722 		ret = otp_prog_dw(OTPSCU[i], OTPSCU_IGNORE[i], prog_address);
1723 		if (ret)
1724 			return OTP_FAILURE;
1725 		pass = 0;
1726 		for (k = 0; k < RETRY; k++) {
1727 			if (verify_dw(prog_address, &OTPSCU[i], &OTPSCU_IGNORE[i], compare, 1) != 0) {
1728 				otp_soak(2);
1729 				ret = otp_prog_dw(compare[0], OTPSCU_IGNORE[i], prog_address);
1730 				if (ret)
1731 					return OTP_FAILURE;
1732 				if (verify_dw(prog_address, &OTPSCU[i], &OTPSCU_IGNORE[i], compare, 1) != 0) {
1733 					otp_soak(1);
1734 				} else {
1735 					pass = 1;
1736 					break;
1737 				}
1738 			} else {
1739 				pass = 1;
1740 				break;
1741 			}
1742 		}
1743 		if (pass == 0) {
1744 			printf("OTPCFG0x%x: 0x%08x, input: 0x%08x, mask: 0x%08x\n",
1745 			       i + 28, scu_pro[i], OTPSCU[i], OTPSCU_IGNORE[i]);
1746 			break;
1747 		}
1748 	}
1749 
1750 	otp_soak(0);
1751 	if (!pass)
1752 		return OTP_FAILURE;
1753 
1754 	return OTP_SUCCESS;
1755 }
1756 
1757 static int otp_check_data_image(struct otp_image_layout *image_layout, u32 *data)
1758 {
1759 	int data_dw;
1760 	u32 data_masked;
1761 	u32 buf_masked;
1762 	u32 *buf = (u32 *)image_layout->data;
1763 	u32 *buf_ignore = (u32 *)image_layout->data_ignore;
1764 	int i;
1765 
1766 	data_dw = image_layout->data_length / 4;
1767 	// ignore last two dw, the last two dw is used for slt otp write check.
1768 	for (i = 0; i < data_dw - 2; i++) {
1769 		data_masked = data[i]  & ~buf_ignore[i];
1770 		buf_masked  = buf[i] & ~buf_ignore[i];
1771 		if (data_masked == buf_masked)
1772 			continue;
1773 		if (i % 2 == 0) {
1774 			if ((data_masked | buf_masked) == buf_masked) {
1775 				continue;
1776 			} else {
1777 				printf("Input image can't program into OTP, please check.\n");
1778 				printf("OTP_ADDR[0x%x] = 0x%x\n", i, data[i]);
1779 				printf("Input   [0x%x] = 0x%x\n", i, buf[i]);
1780 				printf("Mask    [0x%x] = 0x%x\n", i, ~buf_ignore[i]);
1781 				return OTP_FAILURE;
1782 			}
1783 		} else {
1784 			if ((data_masked & buf_masked) == buf_masked) {
1785 				continue;
1786 			} else {
1787 				printf("Input image can't program into OTP, please check.\n");
1788 				printf("OTP_ADDR[0x%x] = 0x%x\n", i, data[i]);
1789 				printf("Input   [0x%x] = 0x%x\n", i, buf[i]);
1790 				printf("Mask    [0x%x] = 0x%x\n", i, ~buf_ignore[i]);
1791 				return OTP_FAILURE;
1792 			}
1793 		}
1794 	}
1795 	return OTP_SUCCESS;
1796 }
1797 
1798 static int otp_check_strap_image(struct otp_image_layout *image_layout, struct otpstrap_status *otpstrap)
1799 {
1800 	int i;
1801 	u32 *strap;
1802 	u32 *strap_ignore;
1803 	u32 *strap_pro;
1804 	int bit, pbit, ibit;
1805 	int fail = 0;
1806 	int ret;
1807 
1808 	strap = (u32 *)image_layout->strap;
1809 	strap_pro = (u32 *)image_layout->strap_pro;
1810 	strap_ignore = (u32 *)image_layout->strap_ignore;
1811 
1812 	for (i = 0; i < 64; i++) {
1813 		if (i < 32) {
1814 			bit = (strap[0] >> i) & 0x1;
1815 			ibit = (strap_ignore[0] >> i) & 0x1;
1816 			pbit = (strap_pro[0] >> i) & 0x1;
1817 		} else {
1818 			bit = (strap[1] >> (i - 32)) & 0x1;
1819 			ibit = (strap_ignore[1] >> (i - 32)) & 0x1;
1820 			pbit = (strap_pro[1] >> (i - 32)) & 0x1;
1821 		}
1822 
1823 		ret = otp_strap_bit_confirm(&otpstrap[i], i, ibit, bit, pbit);
1824 
1825 		if (ret == OTP_FAILURE)
1826 			fail = 1;
1827 	}
1828 	if (fail == 1) {
1829 		printf("Input image can't program into OTP, please check.\n");
1830 		return OTP_FAILURE;
1831 	}
1832 	return OTP_SUCCESS;
1833 }
1834 
1835 static int otp_check_conf_image(struct otp_image_layout *image_layout, u32 *otp_conf)
1836 {
1837 	u32 *conf = (u32 *)image_layout->conf;
1838 	u32 *conf_ignore = (u32 *)image_layout->conf_ignore;
1839 	u32 data_masked;
1840 	u32 buf_masked;
1841 	int i;
1842 
1843 	for (i = 0; i < 16; i++) {
1844 		data_masked = otp_conf[i]  & ~conf_ignore[i];
1845 		buf_masked  = conf[i] & ~conf_ignore[i];
1846 		if (data_masked == buf_masked)
1847 			continue;
1848 		if ((data_masked | buf_masked) == buf_masked) {
1849 			continue;
1850 		} else {
1851 			printf("Input image can't program into OTP, please check.\n");
1852 			printf("OTPCFG[%X] = %x\n", i, otp_conf[i]);
1853 			printf("Input [%X] = %x\n", i, conf[i]);
1854 			printf("Mask  [%X] = %x\n", i, ~conf_ignore[i]);
1855 			return OTP_FAILURE;
1856 		}
1857 	}
1858 	return OTP_SUCCESS;
1859 }
1860 
1861 static int otp_check_scu_image(struct otp_image_layout *image_layout, u32 *scu_pro)
1862 {
1863 	u32 *OTPSCU = (u32 *)image_layout->scu_pro;
1864 	u32 *OTPSCU_IGNORE = (u32 *)image_layout->scu_pro_ignore;
1865 	u32 data_masked;
1866 	u32 buf_masked;
1867 	int i;
1868 
1869 	for (i = 0; i < 2; i++) {
1870 		data_masked = scu_pro[i]  & ~OTPSCU_IGNORE[i];
1871 		buf_masked  = OTPSCU[i] & ~OTPSCU_IGNORE[i];
1872 		if (data_masked == buf_masked)
1873 			continue;
1874 		if ((data_masked | buf_masked) == buf_masked) {
1875 			continue;
1876 		} else {
1877 			printf("Input image can't program into OTP, please check.\n");
1878 			printf("OTPCFG[0x%X] = 0x%X\n", 28 + i, scu_pro[i]);
1879 			printf("Input [0x%X] = 0x%X\n", 28 + i, OTPSCU[i]);
1880 			printf("Mask  [0x%X] = 0x%X\n", 28 + i, ~OTPSCU_IGNORE[i]);
1881 			return OTP_FAILURE;
1882 		}
1883 	}
1884 	return OTP_SUCCESS;
1885 }
1886 
1887 static void do_hash(const void *data, int data_len, const char *algo_name, uint8_t *value)
1888 {
1889         struct hash_algo *algo;
1890 
1891         if (hash_lookup_algo(algo_name, &algo)) {
1892                 debug("Unsupported hash alogrithm\n");
1893                 return;
1894         }
1895 
1896         algo->hash_func_ws(data, data_len, value, algo->chunk_size);
1897 }
1898 
1899 static int otp_verify_image(u8 *src_buf, u32 length, u8 *digest_buf, int version)
1900 {
1901 	u8 digest_ret[48];
1902 	int digest_len;
1903 
1904 	switch (version) {
1905 	case 1:
1906 		do_hash(src_buf, length, "sha256", digest_ret);
1907 		digest_len = 32;
1908 		break;
1909 	case 2:
1910 		do_hash(src_buf, length, "sha384", digest_ret);
1911 		digest_len = 48;
1912 		break;
1913 	default:
1914 		return OTP_FAILURE;
1915 	}
1916 
1917 	if (!memcmp(digest_buf, digest_ret, digest_len))
1918 		return OTP_SUCCESS;
1919 	return OTP_FAILURE;
1920 }
1921 
1922 static int otp_prog_image(int addr, int nconfirm)
1923 {
1924 	int ret;
1925 	int image_soc_ver = 0;
1926 	struct otp_header *otp_header;
1927 	struct otp_image_layout image_layout;
1928 	int image_size;
1929 	u8 *buf;
1930 	u8 *checksum;
1931 	int i;
1932 	u32 data[2048];
1933 	u32 conf[16];
1934 	u32 scu_pro[2];
1935 	struct otpstrap_status otpstrap[64];
1936 
1937 	otp_header = map_physmem(addr, sizeof(struct otp_header), MAP_WRBACK);
1938 	if (!otp_header) {
1939 		printf("Failed to map physical memory\n");
1940 		return OTP_FAILURE;
1941 	}
1942 
1943 	image_size = OTP_IMAGE_SIZE(otp_header->image_info);
1944 	unmap_physmem(otp_header, MAP_WRBACK);
1945 
1946 	buf = map_physmem(addr, image_size + CHECKSUM_LEN, MAP_WRBACK);
1947 
1948 	if (!buf) {
1949 		printf("Failed to map physical memory\n");
1950 		return OTP_FAILURE;
1951 	}
1952 	otp_header = (struct otp_header *)buf;
1953 	checksum = buf + otp_header->checksum_offset;
1954 
1955 	if (strcmp(OTP_MAGIC, (char *)otp_header->otp_magic) != 0) {
1956 		printf("Image is invalid\n");
1957 		return OTP_FAILURE;
1958 	}
1959 
1960 	image_layout.data_length = (int)(OTP_REGION_SIZE(otp_header->data_info) / 2);
1961 	image_layout.data = buf + OTP_REGION_OFFSET(otp_header->data_info);
1962 	image_layout.data_ignore = image_layout.data + image_layout.data_length;
1963 
1964 	image_layout.conf_length = (int)(OTP_REGION_SIZE(otp_header->config_info) / 2);
1965 	image_layout.conf = buf + OTP_REGION_OFFSET(otp_header->config_info);
1966 	image_layout.conf_ignore = image_layout.conf + image_layout.conf_length;
1967 
1968 	image_layout.strap = buf + OTP_REGION_OFFSET(otp_header->strap_info);
1969 	image_layout.strap_length = (int)(OTP_REGION_SIZE(otp_header->strap_info) / 3);
1970 	image_layout.strap_pro = image_layout.strap + image_layout.strap_length;
1971 	image_layout.strap_ignore = image_layout.strap + 2 * image_layout.strap_length;
1972 
1973 	image_layout.scu_pro = buf + OTP_REGION_OFFSET(otp_header->scu_protect_info);
1974 	image_layout.scu_pro_length = (int)(OTP_REGION_SIZE(otp_header->scu_protect_info) / 2);
1975 	image_layout.scu_pro_ignore = image_layout.scu_pro + image_layout.scu_pro_length;
1976 
1977 	if (otp_header->soc_ver == SOC_AST2600A0) {
1978 		image_soc_ver = OTP_A0;
1979 	} else if (otp_header->soc_ver == SOC_AST2600A1) {
1980 		image_soc_ver = OTP_A1;
1981 	} else if (otp_header->soc_ver == SOC_AST2600A2) {
1982 		image_soc_ver = OTP_A2;
1983 	} else if (otp_header->soc_ver == SOC_AST2600A3) {
1984 		image_soc_ver = OTP_A3;
1985 	} else {
1986 		printf("Image SOC Version is not supported\n");
1987 		return OTP_FAILURE;
1988 	}
1989 
1990 	if (image_soc_ver != info_cb.version) {
1991 		printf("Image SOC version is not match to HW SOC version\n");
1992 		return OTP_FAILURE;
1993 	}
1994 
1995 	switch (OTPTOOL_VERSION_MAJOR(otp_header->otptool_ver)) {
1996 	case 1:
1997 		printf("WARNING: OTP image is not generated by otptool v2.x.x\n");
1998 		printf("Please use the latest version of otptool to generate OTP image\n");
1999 		ret = otp_verify_image(buf, image_size, checksum, 1);
2000 		break;
2001 	case 2:
2002 		ret = otp_verify_image(buf, image_size, checksum, 2);
2003 		break;
2004 	default:
2005 		printf("OTP image version is not supported\n");
2006 		return OTP_FAILURE;
2007 	}
2008 
2009 	if (ret) {
2010 		printf("checksum is invalid\n");
2011 		return OTP_FAILURE;
2012 	}
2013 
2014 	if (info_cb.pro_sts.mem_lock) {
2015 		printf("OTP memory is locked\n");
2016 		return OTP_FAILURE;
2017 	}
2018 	ret = 0;
2019 	if (otp_header->image_info & OTP_INC_DATA) {
2020 		if (info_cb.pro_sts.pro_data) {
2021 			printf("OTP data region is protected\n");
2022 			ret = -1;
2023 		}
2024 		if (info_cb.pro_sts.pro_sec) {
2025 			printf("OTP secure region is protected\n");
2026 			ret = -1;
2027 		}
2028 		printf("Read OTP Data Region:\n");
2029 		for (i = 0; i < 2048 ; i += 2)
2030 			otp_read_data(i, &data[i]);
2031 
2032 		printf("Check writable...\n");
2033 		if (otp_check_data_image(&image_layout, data) == OTP_FAILURE)
2034 			ret = -1;
2035 	}
2036 	if (otp_header->image_info & OTP_INC_CONFIG) {
2037 		if (info_cb.pro_sts.pro_conf) {
2038 			printf("OTP config region is protected\n");
2039 			ret = -1;
2040 		}
2041 		printf("Read OTP Config Region:\n");
2042 		for (i = 0; i < 16 ; i++)
2043 			otp_read_conf(i, &conf[i]);
2044 
2045 		printf("Check writable...\n");
2046 		if (otp_check_conf_image(&image_layout, conf) == OTP_FAILURE)
2047 			ret = -1;
2048 	}
2049 	if (otp_header->image_info & OTP_INC_STRAP) {
2050 		if (info_cb.pro_sts.pro_strap) {
2051 			printf("OTP strap region is protected\n");
2052 			ret = -1;
2053 		}
2054 		printf("Read OTP Strap Region:\n");
2055 		otp_strap_status(otpstrap);
2056 
2057 		printf("Check writable...\n");
2058 		if (otp_check_strap_image(&image_layout, otpstrap) == OTP_FAILURE)
2059 			ret = -1;
2060 	}
2061 	if (otp_header->image_info & OTP_INC_SCU_PRO) {
2062 		if (info_cb.pro_sts.pro_strap) {
2063 			printf("OTP strap region is protected\n");
2064 			ret = -1;
2065 		}
2066 		printf("Read SCU Protect Region:\n");
2067 		otp_read_conf(28, &scu_pro[0]);
2068 		otp_read_conf(29, &scu_pro[1]);
2069 
2070 		printf("Check writable...\n");
2071 		if (otp_check_scu_image(&image_layout, scu_pro) == OTP_FAILURE)
2072 			ret = -1;
2073 	}
2074 	if (ret == -1)
2075 		return OTP_FAILURE;
2076 
2077 	if (!nconfirm) {
2078 		if (otp_header->image_info & OTP_INC_DATA) {
2079 			printf("\nOTP data region :\n");
2080 			if (otp_print_data_image(&image_layout) < 0) {
2081 				printf("OTP data error, please check.\n");
2082 				return OTP_FAILURE;
2083 			}
2084 		}
2085 		if (otp_header->image_info & OTP_INC_CONFIG) {
2086 			printf("\nOTP configuration region :\n");
2087 			if (otp_print_conf_image(&image_layout) < 0) {
2088 				printf("OTP config error, please check.\n");
2089 				return OTP_FAILURE;
2090 			}
2091 		}
2092 		if (otp_header->image_info & OTP_INC_STRAP) {
2093 			printf("\nOTP strap region :\n");
2094 			if (otp_print_strap_image(&image_layout) < 0) {
2095 				printf("OTP strap error, please check.\n");
2096 				return OTP_FAILURE;
2097 			}
2098 		}
2099 		if (otp_header->image_info & OTP_INC_SCU_PRO) {
2100 			printf("\nOTP scu protect region :\n");
2101 			if (otp_print_scu_image(&image_layout) < 0) {
2102 				printf("OTP scu protect error, please check.\n");
2103 				return OTP_FAILURE;
2104 			}
2105 		}
2106 
2107 		printf("type \"YES\" (no quotes) to continue:\n");
2108 		if (!confirm_yesno()) {
2109 			printf(" Aborting\n");
2110 			return OTP_FAILURE;
2111 		}
2112 	}
2113 
2114 	if (otp_header->image_info & OTP_INC_DATA) {
2115 		printf("programing data region ...\n");
2116 		ret = otp_prog_data(&image_layout, data);
2117 		if (ret != 0) {
2118 			printf("Error\n");
2119 			return ret;
2120 		}
2121 		printf("Done\n");
2122 	}
2123 	if (otp_header->image_info & OTP_INC_STRAP) {
2124 		printf("programing strap region ...\n");
2125 		ret = otp_prog_strap(&image_layout, otpstrap);
2126 		if (ret != 0) {
2127 			printf("Error\n");
2128 			return ret;
2129 		}
2130 		printf("Done\n");
2131 	}
2132 	if (otp_header->image_info & OTP_INC_SCU_PRO) {
2133 		printf("programing scu protect region ...\n");
2134 		ret = otp_prog_scu_protect(&image_layout, scu_pro);
2135 		if (ret != 0) {
2136 			printf("Error\n");
2137 			return ret;
2138 		}
2139 		printf("Done\n");
2140 	}
2141 	if (otp_header->image_info & OTP_INC_CONFIG) {
2142 		printf("programing configuration region ...\n");
2143 		ret = otp_prog_conf(&image_layout, conf);
2144 		if (ret != 0) {
2145 			printf("Error\n");
2146 			return ret;
2147 		}
2148 		printf("Done\n");
2149 	}
2150 
2151 	return OTP_SUCCESS;
2152 }
2153 
2154 static int otp_prog_bit(int mode, int otp_dw_offset, int bit_offset, int value, int nconfirm)
2155 {
2156 	u32 read[2];
2157 	u32 prog_address = 0;
2158 	struct otpstrap_status otpstrap[64];
2159 	int otp_bit;
2160 	int ret = 0;
2161 
2162 	otp_soak(0);
2163 	switch (mode) {
2164 	case OTP_REGION_CONF:
2165 		otp_read_conf(otp_dw_offset, read);
2166 		prog_address = 0x800;
2167 		prog_address |= (otp_dw_offset / 8) * 0x200;
2168 		prog_address |= (otp_dw_offset % 8) * 0x2;
2169 		otp_bit = (read[0] >> bit_offset) & 0x1;
2170 		if (otp_bit == value) {
2171 			printf("OTPCFG0x%X[0x%X] = %d\n", otp_dw_offset, bit_offset, value);
2172 			printf("No need to program\n");
2173 			return OTP_SUCCESS;
2174 		}
2175 		if (otp_bit == 1 && value == 0) {
2176 			printf("OTPCFG0x%X[0x%X] = 1\n", otp_dw_offset, bit_offset);
2177 			printf("OTP is programmed, which can't be clean\n");
2178 			return OTP_FAILURE;
2179 		}
2180 		printf("Program OTPCFG0x%X[0x%X] to 1\n", otp_dw_offset, bit_offset);
2181 		break;
2182 	case OTP_REGION_DATA:
2183 		prog_address = otp_dw_offset;
2184 
2185 		if (otp_dw_offset % 2 == 0) {
2186 			otp_read_data(otp_dw_offset, read);
2187 			otp_bit = (read[0] >> bit_offset) & 0x1;
2188 
2189 			if (otp_bit == 1 && value == 0) {
2190 				printf("OTPDATA0x%X[0x%X] = 1\n", otp_dw_offset, bit_offset);
2191 				printf("OTP is programmed, which can't be cleared\n");
2192 				return OTP_FAILURE;
2193 			}
2194 		} else {
2195 			otp_read_data(otp_dw_offset - 1, read);
2196 			otp_bit = (read[1] >> bit_offset) & 0x1;
2197 
2198 			if (otp_bit == 0 && value == 1) {
2199 				printf("OTPDATA0x%X[0x%X] = 1\n", otp_dw_offset, bit_offset);
2200 				printf("OTP is programmed, which can't be written\n");
2201 				return OTP_FAILURE;
2202 			}
2203 		}
2204 		if (otp_bit == value) {
2205 			printf("OTPDATA0x%X[0x%X] = %d\n", otp_dw_offset, bit_offset, value);
2206 			printf("No need to program\n");
2207 			return OTP_SUCCESS;
2208 		}
2209 
2210 		printf("Program OTPDATA0x%X[0x%X] to %d\n", otp_dw_offset, bit_offset, value);
2211 		break;
2212 	case OTP_REGION_STRAP:
2213 		otp_strap_status(otpstrap);
2214 		otp_print_strap(bit_offset, 1);
2215 		ret = otp_strap_bit_confirm(&otpstrap[bit_offset], bit_offset, 0, value, 0);
2216 		if (ret == OTP_FAILURE)
2217 			return OTP_FAILURE;
2218 		else if (ret == OTP_PROG_SKIP)
2219 			return OTP_SUCCESS;
2220 
2221 		break;
2222 	}
2223 
2224 	if (!nconfirm) {
2225 		printf("type \"YES\" (no quotes) to continue:\n");
2226 		if (!confirm_yesno()) {
2227 			printf(" Aborting\n");
2228 			return OTP_FAILURE;
2229 		}
2230 	}
2231 
2232 	switch (mode) {
2233 	case OTP_REGION_STRAP:
2234 		ret =  otp_prog_strap_b(bit_offset, value);
2235 		break;
2236 	case OTP_REGION_CONF:
2237 	case OTP_REGION_DATA:
2238 		ret = otp_prog_dc_b(value, prog_address, bit_offset);
2239 		break;
2240 	}
2241 	otp_soak(0);
2242 	if (ret) {
2243 		printf("OTP cannot be programmed\n");
2244 		printf("FAILURE\n");
2245 		return OTP_FAILURE;
2246 	}
2247 
2248 	printf("SUCCESS\n");
2249 	return OTP_SUCCESS;
2250 }
2251 
2252 static int otp_update_rid(u32 update_num, int force)
2253 {
2254 	u32 otp_rid[2];
2255 	u32 sw_rid[2];
2256 	int rid_num = 0;
2257 	int sw_rid_num = 0;
2258 	int bit_offset;
2259 	int dw_offset;
2260 	int i;
2261 	int ret;
2262 
2263 	otp_read_conf(10, &otp_rid[0]);
2264 	otp_read_conf(11, &otp_rid[1]);
2265 
2266 	sw_rid[0] = readl(SW_REV_ID0);
2267 	sw_rid[1] = readl(SW_REV_ID1);
2268 
2269 	rid_num = get_rid_num(otp_rid);
2270 	sw_rid_num = get_rid_num(sw_rid);
2271 
2272 	if (sw_rid_num < 0) {
2273 		printf("SW revision id is invalid, please check.\n");
2274 		return OTP_FAILURE;
2275 	}
2276 
2277 	if (update_num > sw_rid_num) {
2278 		printf("current SW revision ID: 0x%x\n", sw_rid_num);
2279 		printf("update number could not bigger than current SW revision id\n");
2280 		return OTP_FAILURE;
2281 	}
2282 
2283 	if (rid_num < 0) {
2284 		printf("Current OTP revision ID cannot handle by this command,\n"
2285 		       "please use 'otp pb' command to update it manually\n");
2286 		otp_print_revid(otp_rid);
2287 		return OTP_FAILURE;
2288 	}
2289 
2290 	printf("current OTP revision ID: 0x%x\n", rid_num);
2291 	otp_print_revid(otp_rid);
2292 	printf("input update number: 0x%x\n", update_num);
2293 
2294 	if (rid_num > update_num) {
2295 		printf("OTP rev_id is bigger than 0x%X\n", update_num);
2296 		printf("Skip\n");
2297 		return OTP_FAILURE;
2298 	} else if (rid_num == update_num) {
2299 		printf("OTP rev_id is same as input\n");
2300 		printf("Skip\n");
2301 		return OTP_FAILURE;
2302 	}
2303 
2304 	for (i = rid_num; i < update_num; i++) {
2305 		if (i < 32) {
2306 			dw_offset = 0xa;
2307 			bit_offset = i;
2308 		} else {
2309 			dw_offset = 0xb;
2310 			bit_offset = i - 32;
2311 		}
2312 		printf("OTPCFG0x%X[0x%X]", dw_offset, bit_offset);
2313 		if (i + 1 != update_num)
2314 			printf(", ");
2315 	}
2316 
2317 	printf(" will be programmed\n");
2318 	if (force == 0) {
2319 		printf("type \"YES\" (no quotes) to continue:\n");
2320 		if (!confirm_yesno()) {
2321 			printf(" Aborting\n");
2322 			return OTP_FAILURE;
2323 		}
2324 	}
2325 
2326 	ret = 0;
2327 	for (i = rid_num; i < update_num; i++) {
2328 		if (i < 32) {
2329 			dw_offset = 0xa04;
2330 			bit_offset = i;
2331 		} else {
2332 			dw_offset = 0xa06;
2333 			bit_offset = i - 32;
2334 		}
2335 		if (otp_prog_dc_b(1, dw_offset, bit_offset)) {
2336 			printf("OTPCFG0x%X[0x%X] programming failed\n", dw_offset, bit_offset);
2337 			ret = OTP_FAILURE;
2338 			break;
2339 		}
2340 	}
2341 	otp_soak(0);
2342 	otp_read_conf(10, &otp_rid[0]);
2343 	otp_read_conf(11, &otp_rid[1]);
2344 	rid_num = get_rid_num(otp_rid);
2345 	if (rid_num >= 0)
2346 		printf("OTP revision ID: 0x%x\n", rid_num);
2347 	else
2348 		printf("OTP revision ID\n");
2349 	otp_print_revid(otp_rid);
2350 	if (!ret)
2351 		printf("SUCCESS\n");
2352 	else
2353 		printf("FAILED\n");
2354 	return ret;
2355 }
2356 
2357 static int otp_retire_key(u32 retire_id, int force)
2358 {
2359 	u32 otpcfg4;
2360 	u32 krb;
2361 	u32 krb_b;
2362 	u32 krb_or;
2363 	u32 current_id;
2364 
2365 	otp_read_conf(4, &otpcfg4);
2366 	current_id = readl(SEC_KEY_NUM) & 7;
2367 	krb = otpcfg4 & 0xff;
2368 	krb_b = (otpcfg4 >> 16) & 0xff;
2369 	krb_or = krb | krb_b;
2370 
2371 	printf("current Key ID: 0x%x\n", current_id);
2372 	printf("input retire ID: 0x%x\n", retire_id);
2373 	printf("OTPCFG0x4 = 0x%X\n", otpcfg4);
2374 
2375 	if (info_cb.pro_sts.pro_key_ret) {
2376 		printf("OTPCFG4 is protected\n");
2377 		return OTP_FAILURE;
2378 	}
2379 
2380 	if (retire_id >= current_id) {
2381 		printf("Retire key id is equal or bigger than current boot key\n");
2382 		return OTP_FAILURE;
2383 	}
2384 
2385 	if (krb_or & (1 << retire_id)) {
2386 		printf("Key 0x%X already retired\n", retire_id);
2387 		return OTP_SUCCESS;
2388 	}
2389 
2390 	printf("OTPCFG0x4[0x%X] will be programmed\n", retire_id);
2391 	if (force == 0) {
2392 		printf("type \"YES\" (no quotes) to continue:\n");
2393 		if (!confirm_yesno()) {
2394 			printf(" Aborting\n");
2395 			return OTP_FAILURE;
2396 		}
2397 	}
2398 
2399 	if (otp_prog_dc_b(1, 0x808, retire_id) == OTP_FAILURE) {
2400 		printf("OTPCFG0x4[0x%X] programming failed\n", retire_id);
2401 		printf("try to program backup OTPCFG0x4[0x%X]\n", retire_id + 16);
2402 		if (otp_prog_dc_b(1, 0x808, retire_id + 16) == OTP_FAILURE)
2403 			printf("OTPCFG0x4[0x%X] programming failed", retire_id + 16);
2404 	}
2405 
2406 	otp_soak(0);
2407 	otp_read_conf(4, &otpcfg4);
2408 	krb = otpcfg4 & 0xff;
2409 	krb_b = (otpcfg4 >> 16) & 0xff;
2410 	krb_or = krb | krb_b;
2411 	if (krb_or & (1 << retire_id)) {
2412 		printf("SUCCESS\n");
2413 		return OTP_SUCCESS;
2414 	}
2415 	printf("FAILED\n");
2416 	return OTP_FAILURE;
2417 }
2418 
2419 static int parse_config(struct sb_info *si)
2420 {
2421 	int i;
2422 	u32 cfg0, cfg3, cfg4;
2423 	u32 sb_mode;
2424 	u32 key_retire;
2425 	u32 rsa_len;
2426 	u32 sha_len;
2427 
2428 	otp_read_conf(0, &cfg0);
2429 	otp_read_conf(3, &cfg3);
2430 	otp_read_conf(4, &cfg4);
2431 
2432 	sb_mode = (cfg0 >> 7) & 0x1;
2433 	si->enc_flag = (cfg0 >> 27) & 0x1;
2434 	key_retire = (cfg4 & 0x7f) | ((cfg4 >> 16) & 0x7f);
2435 
2436 	if ((cfg0 >> 16) & 0x3f)
2437 		si->secure_region = 1;
2438 	else
2439 		si->secure_region = 0;
2440 
2441 	si->header_offset = cfg3 & 0xffff;
2442 	if (si->header_offset == 0)
2443 		si->header_offset = 0x20;
2444 
2445 	for (i = 0; i < 8; i++) {
2446 		if ((key_retire >> i) & 0x1)
2447 			si->retire_list[i] = 1;
2448 		else
2449 			si->retire_list[i] = 0;
2450 	}
2451 
2452 	if (sb_mode == 0) {
2453 		printf("Mode GCM is not supported.\n");
2454 		return OTP_FAILURE;
2455 	}
2456 
2457 	if (si->enc_flag)
2458 		printf("Algorithm: AES_RSA_SHA\n");
2459 	else
2460 		printf("Algorithm: RSA_SHA\n");
2461 
2462 	rsa_len = (cfg0 >> 10) & 0x3;
2463 	sha_len = (cfg0 >> 12) & 0x3;
2464 
2465 	if (rsa_len == 0) {
2466 		si->rsa_algo = 1024;
2467 		printf("RSA length: 1024\n");
2468 	} else if (rsa_len == 1) {
2469 		si->rsa_algo = 2048;
2470 		printf("RSA length: 2048\n");
2471 	} else if (rsa_len == 2) {
2472 		si->rsa_algo = 3072;
2473 		printf("RSA length: 3072\n");
2474 	} else {
2475 		si->rsa_algo = 4096;
2476 		printf("RSA length: 4096\n");
2477 	}
2478 	if (sha_len == 0) {
2479 		si->sha_algo = 224;
2480 		si->digest_len = 28;
2481 		printf("HASH length: 224\n");
2482 	} else if (sha_len == 1) {
2483 		si->sha_algo = 256;
2484 		si->digest_len = 32;
2485 		printf("HASH length: 256\n");
2486 	} else if (sha_len == 2) {
2487 		si->sha_algo = 384;
2488 		si->digest_len = 48;
2489 		printf("HASH length: 384\n");
2490 	} else {
2491 		si->sha_algo = 512;
2492 		si->digest_len = 64;
2493 		printf("HASH length: 512\n");
2494 	}
2495 	return OTP_SUCCESS;
2496 }
2497 
2498 static void parse_data(struct key_list *kl, int *key_num, struct sb_info *si, u32 *data)
2499 {
2500 	const struct otpkey_type *key_info_array = info_cb.key_info;
2501 	int i, j;
2502 	int id = 0;
2503 	u32 h;
2504 	u32 t;
2505 
2506 	*key_num = 0;
2507 	for (i = 0; i < 16; i++) {
2508 		h = data[i];
2509 		t = (h >> 14) & 0xf;
2510 		for (j = 0; j < info_cb.key_info_len; j++) {
2511 			if (t == key_info_array[j].value) {
2512 				kl[*key_num].key_info = &key_info_array[j];
2513 				kl[*key_num].offset = h & 0x1ff8;
2514 				id = h & 0x7;
2515 				kl[*key_num].id = id;
2516 				if (si->retire_list[id] == 1)
2517 					kl[*key_num].retire = 1;
2518 				else
2519 					kl[*key_num].retire = 0;
2520 				(*key_num)++;
2521 				break;
2522 			}
2523 		}
2524 		if ((data[i] >> 13) & 1)
2525 			break;
2526 	}
2527 }
2528 
2529 static int sb_sha(struct sb_info *si, u8 *sec_image, u32 sign_image_size, u8 *digest_ret)
2530 {
2531 	switch (si->sha_algo) {
2532 	case 224:
2533 		printf("otp verify does not support SHA224\n");
2534 		return OTP_FAILURE;
2535 	case 256:
2536 		do_hash(sec_image, sign_image_size, "sha256", digest_ret);
2537 		break;
2538 	case 384:
2539 		do_hash(sec_image, sign_image_size, "sha384", digest_ret);
2540 		break;
2541 	case 512:
2542 		do_hash(sec_image, sign_image_size, "sha512", digest_ret);
2543 		break;
2544 	default:
2545 		printf("SHA Algorithm is invalid\n");
2546 		return OTP_FAILURE;
2547 	}
2548 	return 0;
2549 }
2550 
2551 static int mode2_verify(u8 *sec_image, u32 sign_image_size,
2552 			u8 *signature, u8 *rsa_m,
2553 			int order, u8 *digest,
2554 			struct sb_info *si, struct udevice *mod_exp_dev)
2555 {
2556 	struct key_prop prop;
2557 	u8 rsa_e[3] = "\x01\x00\x01";
2558 	u8 sign_ret[512];
2559 	u8 rsa_m_rev[512];
2560 	u8 signature_rev[512];
2561 	u8 tmp;
2562 	u32 rsa_len = si->rsa_algo / 8;
2563 	int i;
2564 	int ret;
2565 
2566 	memset(&prop, 0, sizeof(struct key_prop));
2567 
2568 	if (order == OTP_LIT_END) {
2569 		memset(rsa_m_rev, 0, 512);
2570 		memset(signature_rev, 0, 512);
2571 		for (i = 0; i < rsa_len; i++) {
2572 			rsa_m_rev[i] = rsa_m[rsa_len - 1 - i];
2573 			signature_rev[i] = signature[rsa_len - 1 - i];
2574 		}
2575 		prop.modulus = rsa_m_rev;
2576 		prop.num_bits = si->rsa_algo;
2577 		prop.public_exponent = rsa_e;
2578 		prop.exp_len = 3;
2579 		ret = rsa_mod_exp(mod_exp_dev, signature_rev, rsa_len, &prop, sign_ret);
2580 	} else {
2581 		prop.modulus = rsa_m;
2582 		prop.num_bits = si->rsa_algo;
2583 		prop.public_exponent = rsa_e;
2584 		prop.exp_len = 3;
2585 		ret = rsa_mod_exp(mod_exp_dev, signature, rsa_len, &prop, sign_ret);
2586 	}
2587 
2588 	if (ret) {
2589 		printf("rsa_mod_exp error: %d\n", ret);
2590 		return OTP_FAILURE;
2591 	}
2592 
2593 	if (order == OTP_LIT_END) {
2594 		for (i = 0; i < rsa_len / 2; i++) {
2595 			tmp = sign_ret[i];
2596 			sign_ret[i] = sign_ret[rsa_len - 1 - i];
2597 			sign_ret[rsa_len - 1 - i] = tmp;
2598 		}
2599 		ret = memcmp(digest, sign_ret, si->digest_len);
2600 	} else {
2601 		ret = memcmp(digest, sign_ret + (rsa_len - si->digest_len), si->digest_len);
2602 	}
2603 
2604 	if (ret)
2605 		return OTP_FAILURE;
2606 	return 0;
2607 }
2608 
2609 static int otp_verify_boot_image(phys_addr_t addr)
2610 {
2611 	struct udevice *mod_exp_dev;
2612 	struct sb_info si;
2613 	struct key_list kl[16];
2614 	struct sb_header *sh;
2615 	u32 data[2048];
2616 	u8 digest[64];
2617 	u8 *sec_image;
2618 	u8 *signature;
2619 	u8 *key;
2620 	u32 otp_rid[2];
2621 	u32 sw_rid[2];
2622 	u64 *otp_rid64 = (u64 *)otp_rid;
2623 	u64 *sw_rid64 = (u64 *)sw_rid;
2624 	int key_num;
2625 	int ret;
2626 	int i;
2627 	int pass = 0;
2628 
2629 	ret = uclass_get_device(UCLASS_MOD_EXP, 0, &mod_exp_dev);
2630 	if (ret) {
2631 		printf("RSA: Can't find RSA driver\n");
2632 		return OTP_FAILURE;
2633 	}
2634 
2635 	for (i = 0; i < 2048 ; i += 2)
2636 		otp_read_data(i, &data[i]);
2637 	if (parse_config(&si))
2638 		return OTP_FAILURE;
2639 	parse_data(kl, &key_num, &si, data);
2640 	otp_read_conf(10, &otp_rid[0]);
2641 	otp_read_conf(11, &otp_rid[1]);
2642 
2643 	sec_image = (u8 *)addr;
2644 	sh = (struct sb_header *)(sec_image + si.header_offset);
2645 	signature = sec_image + sh->signature_offset;
2646 
2647 	if (si.secure_region)
2648 		printf("WARNING: Secure Region is enabled, the verification may not correct.\n");
2649 
2650 	if (sh->sign_image_size % 512) {
2651 		printf("ERROR: The sign_image_size should be 512 bytes aligned\n");
2652 		return OTP_FAILURE;
2653 	}
2654 
2655 	printf("Check revision ID: ");
2656 
2657 	sw_rid[0] = sh->revision_low;
2658 	sw_rid[1] = sh->revision_high;
2659 
2660 	if (*otp_rid64 > *sw_rid64) {
2661 		printf("FAIL\n");
2662 		printf("Header revision_low:  %x\n", sh->revision_low);
2663 		printf("Header revision_high: %x\n", sh->revision_high);
2664 		printf("OTP revision_low:     %x\n", otp_rid[0]);
2665 		printf("OTP revision_high:    %x\n", otp_rid[1]);
2666 		return OTP_FAILURE;
2667 	}
2668 	printf("PASS\n");
2669 
2670 	printf("Check secure image header: ");
2671 	if (((sh->aes_data_offset + sh->enc_offset + sh->sign_image_size +
2672 	      sh->signature_offset + sh->revision_high + sh->revision_low +
2673 	      sh->reserved + sh->bl1_header_checksum) & 0xffffffff) != 0) {
2674 		printf("FAIL\n");
2675 		printf("aes_data_offset:     %x\n", sh->aes_data_offset);
2676 		printf("enc_offset:          %x\n", sh->enc_offset);
2677 		printf("sign_image_size:     %x\n", sh->sign_image_size);
2678 		printf("signature_offset:    %x\n", sh->signature_offset);
2679 		printf("revision_high:       %x\n", sh->revision_high);
2680 		printf("revision_low:        %x\n", sh->revision_low);
2681 		printf("reserved:            %x\n", sh->reserved);
2682 		printf("bl1_header_checksum: %x\n", sh->bl1_header_checksum);
2683 		return OTP_FAILURE;
2684 	}
2685 	printf("PASS\n");
2686 
2687 	ret = sb_sha(&si, sec_image, sh->sign_image_size, digest);
2688 	if (ret)
2689 		return OTP_FAILURE;
2690 
2691 	printf("Verifying secure image\n");
2692 	for (i = 0; i < key_num; i++) {
2693 		if (kl[i].key_info->key_type != OTP_KEY_TYPE_RSA_PUB)
2694 			continue;
2695 		printf(" Key %d\n", kl[i].id);
2696 		if (kl[i].retire) {
2697 			printf(" Key %d is retired.\n", kl[i].id);
2698 			continue;
2699 		}
2700 		key = (u8 *)data + kl[i].offset;
2701 		if (!mode2_verify(sec_image, sh->sign_image_size,
2702 				  signature, key, kl[i].key_info->order, digest,
2703 				  &si, mod_exp_dev)) {
2704 			pass = 1;
2705 			break;
2706 		}
2707 	}
2708 	if (pass) {
2709 		printf("  OEM DSS RSA public keys\n");
2710 		printf("  ID: %d\n", kl[i].id);
2711 		if (kl[i].key_info->order == OTP_BIG_END)
2712 			printf("  Big endian\n");
2713 		else
2714 			printf("  Little endian\n");
2715 		printf("Verify secure image: PASS\n");
2716 		return OTP_SUCCESS;
2717 	}
2718 	printf("Verify secure image: FAIL\n");
2719 	return OTP_FAILURE;
2720 }
2721 
2722 static int otp_invalid_key(u32 header_offset, int force)
2723 {
2724 	int i;
2725 	int ret;
2726 	u32 header_list[16];
2727 	u32 header;
2728 	u32 key_type;
2729 	u32 prog_val;
2730 
2731 	for (i = 0; i < 16 ; i += 2)
2732 		otp_read_data(i, &header_list[i]);
2733 	header = header_list[header_offset];
2734 	key_type = (header >> 14) & 0xf;
2735 	_otp_print_key(header, header_offset, NULL);
2736 	if (key_type == 0 || key_type == 0xf) {
2737 		printf("Key[%d] already invalid\n", header_offset);
2738 		return OTP_SUCCESS;
2739 	}
2740 
2741 	printf("Key[%d] will be invalid\n", header_offset);
2742 	if (force == 0) {
2743 		printf("type \"YES\" (no quotes) to continue:\n");
2744 		if (!confirm_yesno()) {
2745 			printf(" Aborting\n");
2746 			return OTP_FAILURE;
2747 		}
2748 	}
2749 
2750 	if (header_offset % 2)
2751 		prog_val = 0;
2752 	else
2753 		prog_val = 1;
2754 	for (i = 14; i <= 17; i++) {
2755 		ret = otp_prog_dc_b(prog_val, header_offset, i);
2756 		if (ret) {
2757 			printf("OTPDATA0x%x[%d] programming failed\n", header_offset, i);
2758 			return OTP_FAILURE;
2759 		}
2760 	}
2761 
2762 	printf("SUCCESS\n");
2763 	return OTP_SUCCESS;
2764 }
2765 
2766 static int do_otpread(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
2767 {
2768 	u32 offset, count;
2769 	int ret;
2770 
2771 	if (argc == 4) {
2772 		offset = simple_strtoul(argv[2], NULL, 16);
2773 		count = simple_strtoul(argv[3], NULL, 16);
2774 	} else if (argc == 3) {
2775 		offset = simple_strtoul(argv[2], NULL, 16);
2776 		count = 1;
2777 	} else {
2778 		return CMD_RET_USAGE;
2779 	}
2780 
2781 	if (!strcmp(argv[1], "conf"))
2782 		ret = otp_print_conf(offset, count);
2783 	else if (!strcmp(argv[1], "data"))
2784 		ret = otp_print_data(offset, count);
2785 	else if (!strcmp(argv[1], "strap"))
2786 		ret = otp_print_strap(offset, count);
2787 	else
2788 		return CMD_RET_USAGE;
2789 
2790 	if (ret == OTP_SUCCESS)
2791 		return CMD_RET_SUCCESS;
2792 	return CMD_RET_USAGE;
2793 }
2794 
2795 static int do_otpprog(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
2796 {
2797 	phys_addr_t addr;
2798 	int ret;
2799 
2800 	if (argc == 3) {
2801 		if (strcmp(argv[1], "o"))
2802 			return CMD_RET_USAGE;
2803 		addr = simple_strtoul(argv[2], NULL, 16);
2804 		ret = otp_prog_image(addr, 1);
2805 	} else if (argc == 2) {
2806 		addr = simple_strtoul(argv[1], NULL, 16);
2807 		ret = otp_prog_image(addr, 0);
2808 	} else {
2809 		return CMD_RET_USAGE;
2810 	}
2811 
2812 	if (ret == OTP_SUCCESS)
2813 		return CMD_RET_SUCCESS;
2814 	else if (ret == OTP_FAILURE)
2815 		return CMD_RET_FAILURE;
2816 	else
2817 		return CMD_RET_USAGE;
2818 }
2819 
2820 static int do_otppb(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
2821 {
2822 	int mode = 0;
2823 	int nconfirm = 0;
2824 	int otp_addr = 0;
2825 	int bit_offset;
2826 	int value;
2827 	int ret;
2828 	u32 otp_strap_pro;
2829 
2830 	if (argc != 4 && argc != 5 && argc != 6)
2831 		return CMD_RET_USAGE;
2832 
2833 	/* Drop the pb cmd */
2834 	argc--;
2835 	argv++;
2836 
2837 	if (!strcmp(argv[0], "conf"))
2838 		mode = OTP_REGION_CONF;
2839 	else if (!strcmp(argv[0], "strap"))
2840 		mode = OTP_REGION_STRAP;
2841 	else if (!strcmp(argv[0], "data"))
2842 		mode = OTP_REGION_DATA;
2843 	else
2844 		return CMD_RET_USAGE;
2845 
2846 	/* Drop the region cmd */
2847 	argc--;
2848 	argv++;
2849 
2850 	if (!strcmp(argv[0], "o")) {
2851 		nconfirm = 1;
2852 		/* Drop the force option */
2853 		argc--;
2854 		argv++;
2855 	}
2856 
2857 	if (mode == OTP_REGION_STRAP) {
2858 		bit_offset = simple_strtoul(argv[0], NULL, 16);
2859 		value = simple_strtoul(argv[1], NULL, 16);
2860 		if (bit_offset >= 64 || (value != 0 && value != 1))
2861 			return CMD_RET_USAGE;
2862 	} else {
2863 		otp_addr = simple_strtoul(argv[0], NULL, 16);
2864 		bit_offset = simple_strtoul(argv[1], NULL, 16);
2865 		value = simple_strtoul(argv[2], NULL, 16);
2866 		if (bit_offset >= 32 || (value != 0 && value != 1))
2867 			return CMD_RET_USAGE;
2868 		if (mode == OTP_REGION_DATA) {
2869 			if (otp_addr >= 0x800)
2870 				return CMD_RET_USAGE;
2871 		} else {
2872 			if (otp_addr >= 0x20)
2873 				return CMD_RET_USAGE;
2874 		}
2875 	}
2876 	if (value != 0 && value != 1)
2877 		return CMD_RET_USAGE;
2878 
2879 	ret = 0;
2880 	if (info_cb.pro_sts.mem_lock) {
2881 		printf("OTP memory is locked\n");
2882 		return CMD_RET_FAILURE;
2883 	}
2884 	if (mode == OTP_REGION_DATA) {
2885 		if (info_cb.pro_sts.sec_size == 0) {
2886 			if (info_cb.pro_sts.pro_data) {
2887 				printf("OTP data region is protected\n");
2888 				ret = -1;
2889 			}
2890 		} else if (otp_addr < info_cb.pro_sts.sec_size && otp_addr >= 16) {
2891 			printf("OTP secure region is not readable, skip it to prevent unpredictable result\n");
2892 			ret = -1;
2893 		} else if (otp_addr < info_cb.pro_sts.sec_size) {
2894 			// header region(0x0~0x40) is still readable even secure region is set.
2895 			if (info_cb.pro_sts.pro_sec) {
2896 				printf("OTP secure region is protected\n");
2897 				ret = -1;
2898 			}
2899 		} else if (info_cb.pro_sts.pro_data) {
2900 			printf("OTP data region is protected\n");
2901 			ret = -1;
2902 		}
2903 	} else if (mode == OTP_REGION_CONF) {
2904 		if (otp_addr != 4 && otp_addr != 10 && otp_addr != 11 && otp_addr < 16) {
2905 			if (info_cb.pro_sts.pro_conf) {
2906 				printf("OTP config region is protected\n");
2907 				ret = -1;
2908 			}
2909 		} else if (otp_addr == 10 || otp_addr == 11) {
2910 			u32 otp_rid[2];
2911 			u32 sw_rid[2];
2912 			u64 *otp_rid64 = (u64 *)otp_rid;
2913 			u64 *sw_rid64 = (u64 *)sw_rid;
2914 
2915 			otp_read_conf(10, &otp_rid[0]);
2916 			otp_read_conf(11, &otp_rid[1]);
2917 			sw_rid[0] = readl(SW_REV_ID0);
2918 			sw_rid[1] = readl(SW_REV_ID1);
2919 
2920 			if (otp_addr == 10)
2921 				otp_rid[0] |= 1 << bit_offset;
2922 			else
2923 				otp_rid[1] |= 1 << bit_offset;
2924 
2925 			if (*otp_rid64 > *sw_rid64) {
2926 				printf("update number could not bigger than current SW revision id\n");
2927 				ret = -1;
2928 			}
2929 		} else if (otp_addr == 4) {
2930 			if (info_cb.pro_sts.pro_key_ret) {
2931 				printf("OTPCFG4 is protected\n");
2932 				ret = -1;
2933 			} else {
2934 				if ((bit_offset >= 0 && bit_offset <= 7) ||
2935 				    (bit_offset >= 16 && bit_offset <= 23)) {
2936 					u32 key_num;
2937 					u32 retire;
2938 
2939 					key_num = readl(SEC_KEY_NUM) & 3;
2940 					if (bit_offset >= 16)
2941 						retire = bit_offset - 16;
2942 					else
2943 						retire = bit_offset;
2944 					if (retire >= key_num) {
2945 						printf("Retire key id is equal or bigger than current boot key\n");
2946 						ret = -1;
2947 					}
2948 				}
2949 			}
2950 		} else if (otp_addr >= 16 && otp_addr <= 31) {
2951 			if (info_cb.pro_sts.pro_strap) {
2952 				printf("OTP strap region is protected\n");
2953 				ret = -1;
2954 			} else if ((otp_addr < 30 && info_cb.version == OTP_A0) ||
2955 				   (otp_addr < 28 && info_cb.version != OTP_A0)) {
2956 				if (otp_addr % 2 == 0)
2957 					otp_read_conf(30, &otp_strap_pro);
2958 				else
2959 					otp_read_conf(31, &otp_strap_pro);
2960 				if (otp_strap_pro >> bit_offset & 0x1) {
2961 					printf("OTPCFG0x%X[0x%X] is protected\n", otp_addr, bit_offset);
2962 					ret = -1;
2963 				}
2964 			}
2965 		}
2966 	} else if (mode == OTP_REGION_STRAP) {
2967 		// per bit protection will check in otp_strap_bit_confirm
2968 		if (info_cb.pro_sts.pro_strap) {
2969 			printf("OTP strap region is protected\n");
2970 			ret = -1;
2971 		}
2972 	}
2973 
2974 	if (ret == -1)
2975 		return CMD_RET_FAILURE;
2976 
2977 	ret = otp_prog_bit(mode, otp_addr, bit_offset, value, nconfirm);
2978 
2979 	if (ret == OTP_SUCCESS)
2980 		return CMD_RET_SUCCESS;
2981 	else if (ret == OTP_FAILURE)
2982 		return CMD_RET_FAILURE;
2983 	else
2984 		return CMD_RET_USAGE;
2985 }
2986 
2987 static int do_otpcmp(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
2988 {
2989 	phys_addr_t addr;
2990 	int otp_addr = 0;
2991 	int ret;
2992 
2993 	if (argc != 3)
2994 		return CMD_RET_USAGE;
2995 
2996 	addr = simple_strtoul(argv[1], NULL, 16);
2997 	otp_addr = simple_strtoul(argv[2], NULL, 16);
2998 	ret = otp_compare(otp_addr, addr);
2999 	if (ret == 0) {
3000 		printf("Compare pass\n");
3001 		return CMD_RET_SUCCESS;
3002 	}
3003 	printf("Compare fail\n");
3004 	return CMD_RET_FAILURE;
3005 }
3006 
3007 static int do_otpinfo(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
3008 {
3009 	int view = 0;
3010 	int input;
3011 
3012 	if (argc != 2 && argc != 3)
3013 		return CMD_RET_USAGE;
3014 
3015 	if (!strcmp(argv[1], "conf")) {
3016 		if (argc == 3) {
3017 			input = simple_strtoul(argv[2], NULL, 16);
3018 			otp_print_conf_info(input);
3019 		} else {
3020 			otp_print_conf_info(-1);
3021 		}
3022 	} else if (!strcmp(argv[1], "strap")) {
3023 		if (!strcmp(argv[2], "v")) {
3024 			view = 1;
3025 			/* Drop the view option */
3026 			argc--;
3027 			argv++;
3028 		}
3029 		otp_print_strap_info(view);
3030 	} else if (!strcmp(argv[1], "scu")) {
3031 		otp_print_scu_info();
3032 	} else if (!strcmp(argv[1], "key")) {
3033 		otp_print_key_info();
3034 	} else {
3035 		return CMD_RET_USAGE;
3036 	}
3037 
3038 	return CMD_RET_SUCCESS;
3039 }
3040 
3041 static int do_otpprotect(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
3042 {
3043 	u32 input;
3044 	u32 bit_offset;
3045 	u32 prog_address;
3046 	char force;
3047 	int ret;
3048 
3049 	if (argc != 3 && argc != 2)
3050 		return CMD_RET_USAGE;
3051 
3052 	if (!strcmp(argv[1], "o")) {
3053 		input = simple_strtoul(argv[2], NULL, 16);
3054 		force = 1;
3055 	} else {
3056 		input = simple_strtoul(argv[1], NULL, 16);
3057 		force = 0;
3058 	}
3059 
3060 	if (input < 32) {
3061 		bit_offset = input;
3062 		prog_address = 0xe0c;
3063 	} else if (input < 64) {
3064 		bit_offset = input - 32;
3065 		prog_address = 0xe0e;
3066 	} else {
3067 		return CMD_RET_USAGE;
3068 	}
3069 
3070 	if (info_cb.pro_sts.pro_strap) {
3071 		printf("OTP strap region is protected\n");
3072 		return CMD_RET_FAILURE;
3073 	}
3074 
3075 	if (!force) {
3076 		printf("OTPSTRAP[0x%X] will be protected\n", input);
3077 		printf("type \"YES\" (no quotes) to continue:\n");
3078 		if (!confirm_yesno()) {
3079 			printf(" Aborting\n");
3080 			return CMD_RET_FAILURE;
3081 		}
3082 	}
3083 
3084 	if (verify_bit(prog_address, bit_offset, 1) == 0) {
3085 		printf("OTPSTRAP[0x%X] already protected\n", input);
3086 		return CMD_RET_SUCCESS;
3087 	}
3088 
3089 	ret = otp_prog_dc_b(1, prog_address, bit_offset);
3090 	otp_soak(0);
3091 
3092 	if (ret) {
3093 		printf("Protect OTPSTRAP[0x%X] fail\n", input);
3094 		return CMD_RET_FAILURE;
3095 	}
3096 
3097 	printf("OTPSTRAP[0x%X] is protected\n", input);
3098 	return CMD_RET_SUCCESS;
3099 }
3100 
3101 static int do_otp_scuprotect(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
3102 {
3103 	u32 scu_offset;
3104 	u32 bit_offset;
3105 	u32 conf_offset;
3106 	u32 prog_address;
3107 	char force;
3108 	int ret;
3109 
3110 	if (argc != 4 && argc != 3)
3111 		return CMD_RET_USAGE;
3112 
3113 	if (!strcmp(argv[1], "o")) {
3114 		scu_offset = simple_strtoul(argv[2], NULL, 16);
3115 		bit_offset = simple_strtoul(argv[3], NULL, 16);
3116 		force = 1;
3117 	} else {
3118 		scu_offset = simple_strtoul(argv[1], NULL, 16);
3119 		bit_offset = simple_strtoul(argv[2], NULL, 16);
3120 		force = 0;
3121 	}
3122 	if (scu_offset == 0x500) {
3123 		prog_address = 0xe08;
3124 		conf_offset = 28;
3125 	} else if (scu_offset == 0x510) {
3126 		prog_address = 0xe0a;
3127 		conf_offset = 29;
3128 	} else {
3129 		return CMD_RET_USAGE;
3130 	}
3131 	if (bit_offset < 0 || bit_offset > 31)
3132 		return CMD_RET_USAGE;
3133 	if (info_cb.pro_sts.pro_strap) {
3134 		printf("OTP strap region is protected\n");
3135 		return CMD_RET_FAILURE;
3136 	}
3137 	if (!force) {
3138 		printf("OTPCONF0x%X[0x%X] will be programmed\n", conf_offset, bit_offset);
3139 		printf("SCU0x%X[0x%X] will be protected\n", scu_offset, bit_offset);
3140 		printf("type \"YES\" (no quotes) to continue:\n");
3141 		if (!confirm_yesno()) {
3142 			printf(" Aborting\n");
3143 			return CMD_RET_FAILURE;
3144 		}
3145 	}
3146 
3147 	if (verify_bit(prog_address, bit_offset, 1) == 0) {
3148 		printf("OTPCONF0x%X[0x%X] already programmed\n", conf_offset, bit_offset);
3149 		return CMD_RET_SUCCESS;
3150 	}
3151 
3152 	ret = otp_prog_dc_b(1, prog_address, bit_offset);
3153 	otp_soak(0);
3154 
3155 	if (ret) {
3156 		printf("Program OTPCONF0x%X[0x%X] fail\n", conf_offset, bit_offset);
3157 		return CMD_RET_FAILURE;
3158 	}
3159 
3160 	printf("OTPCONF0x%X[0x%X] programmed success\n", conf_offset, bit_offset);
3161 	return CMD_RET_SUCCESS;
3162 }
3163 
3164 static int do_otpver(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
3165 {
3166 	printf("SOC OTP version: %s\n", info_cb.ver_name);
3167 	printf("OTP tool version: %s\n", OTP_VER);
3168 	printf("OTP info version: %s\n", OTP_INFO_VER);
3169 
3170 	return CMD_RET_SUCCESS;
3171 }
3172 
3173 static int do_otpupdate(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
3174 {
3175 	u32 update_num;
3176 	int force = 0;
3177 	int ret;
3178 
3179 	if (argc == 3) {
3180 		if (strcmp(argv[1], "o"))
3181 			return CMD_RET_USAGE;
3182 		force = 1;
3183 		update_num = simple_strtoul(argv[2], NULL, 16);
3184 	} else if (argc == 2) {
3185 		update_num = simple_strtoul(argv[1], NULL, 16);
3186 	} else {
3187 		return CMD_RET_USAGE;
3188 	}
3189 
3190 	if (update_num > 64)
3191 		return CMD_RET_USAGE;
3192 	ret = otp_update_rid(update_num, force);
3193 
3194 	if (ret)
3195 		return CMD_RET_FAILURE;
3196 	return CMD_RET_SUCCESS;
3197 }
3198 
3199 static int do_otprid(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
3200 {
3201 	u32 otp_rid[2];
3202 	u32 sw_rid[2];
3203 	int rid_num = 0;
3204 	int sw_rid_num = 0;
3205 	int ret;
3206 
3207 	if (argc != 1)
3208 		return CMD_RET_USAGE;
3209 
3210 	otp_read_conf(10, &otp_rid[0]);
3211 	otp_read_conf(11, &otp_rid[1]);
3212 
3213 	sw_rid[0] = readl(SW_REV_ID0);
3214 	sw_rid[1] = readl(SW_REV_ID1);
3215 
3216 	rid_num = get_rid_num(otp_rid);
3217 	sw_rid_num = get_rid_num(sw_rid);
3218 
3219 	if (sw_rid_num < 0) {
3220 		printf("SW revision id is invalid, please check.\n");
3221 		printf("SEC68:0x%x\n", sw_rid[0]);
3222 		printf("SEC6C:0x%x\n", sw_rid[1]);
3223 	} else {
3224 		printf("current SW revision ID: 0x%x\n", sw_rid_num);
3225 	}
3226 	if (rid_num >= 0) {
3227 		printf("current OTP revision ID: 0x%x\n", rid_num);
3228 		ret = CMD_RET_SUCCESS;
3229 	} else {
3230 		printf("Current OTP revision ID cannot handle by 'otp update',\n"
3231 		       "please use 'otp pb' command to update it manually\n"
3232 		       "current OTP revision ID\n");
3233 		ret = CMD_RET_FAILURE;
3234 	}
3235 	otp_print_revid(otp_rid);
3236 
3237 	return ret;
3238 }
3239 
3240 static int do_otpretire(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
3241 {
3242 	u32 retire_id;
3243 	int force = 0;
3244 	int ret;
3245 
3246 	if (argc == 3) {
3247 		if (strcmp(argv[1], "o"))
3248 			return CMD_RET_USAGE;
3249 		force = 1;
3250 		retire_id = simple_strtoul(argv[2], NULL, 16);
3251 	} else if (argc == 2) {
3252 		retire_id = simple_strtoul(argv[1], NULL, 16);
3253 	} else {
3254 		return CMD_RET_USAGE;
3255 	}
3256 
3257 	if (retire_id > 7)
3258 		return CMD_RET_USAGE;
3259 	ret = otp_retire_key(retire_id, force);
3260 
3261 	if (ret)
3262 		return CMD_RET_FAILURE;
3263 	return CMD_RET_SUCCESS;
3264 }
3265 
3266 static int do_otpverify(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
3267 {
3268 	phys_addr_t addr;
3269 	int ret;
3270 
3271 	if (argc == 2) {
3272 		addr = simple_strtoul(argv[1], NULL, 16);
3273 		ret = otp_verify_boot_image(addr);
3274 	} else {
3275 		return CMD_RET_USAGE;
3276 	}
3277 
3278 	if (ret == OTP_SUCCESS)
3279 		return CMD_RET_SUCCESS;
3280 	else if (ret == OTP_FAILURE)
3281 		return CMD_RET_FAILURE;
3282 	else
3283 		return CMD_RET_USAGE;
3284 }
3285 
3286 static int do_otpinvalid(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
3287 {
3288 	u32 header_offset;
3289 	int force = 0;
3290 	int ret;
3291 
3292 	if (argc == 3) {
3293 		if (strcmp(argv[1], "o"))
3294 			return CMD_RET_USAGE;
3295 		force = 1;
3296 		header_offset = simple_strtoul(argv[2], NULL, 16);
3297 	} else if (argc == 2) {
3298 		header_offset = simple_strtoul(argv[1], NULL, 16);
3299 	} else {
3300 		return CMD_RET_USAGE;
3301 	}
3302 
3303 	if (header_offset > 16)
3304 		return CMD_RET_USAGE;
3305 	ret = otp_invalid_key(header_offset, force);
3306 
3307 	if (ret)
3308 		return CMD_RET_FAILURE;
3309 	return CMD_RET_SUCCESS;
3310 }
3311 
3312 static cmd_tbl_t cmd_otp[] = {
3313 	U_BOOT_CMD_MKENT(version, 1, 0, do_otpver, "", ""),
3314 	U_BOOT_CMD_MKENT(read, 4, 0, do_otpread, "", ""),
3315 	U_BOOT_CMD_MKENT(info, 3, 0, do_otpinfo, "", ""),
3316 	U_BOOT_CMD_MKENT(prog, 3, 0, do_otpprog, "", ""),
3317 	U_BOOT_CMD_MKENT(pb, 6, 0, do_otppb, "", ""),
3318 	U_BOOT_CMD_MKENT(protect, 3, 0, do_otpprotect, "", ""),
3319 	U_BOOT_CMD_MKENT(scuprotect, 4, 0, do_otp_scuprotect, "", ""),
3320 	U_BOOT_CMD_MKENT(cmp, 3, 0, do_otpcmp, "", ""),
3321 	U_BOOT_CMD_MKENT(update, 3, 0, do_otpupdate, "", ""),
3322 	U_BOOT_CMD_MKENT(rid, 1, 0, do_otprid, "", ""),
3323 	U_BOOT_CMD_MKENT(retire, 3, 0, do_otpretire, "", ""),
3324 	U_BOOT_CMD_MKENT(verify, 2, 0, do_otpverify, "", ""),
3325 	U_BOOT_CMD_MKENT(invalid, 3, 0, do_otpinvalid, "", ""),
3326 };
3327 
3328 static int do_ast_otp(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
3329 {
3330 	struct otp_pro_sts *pro_sts;
3331 	cmd_tbl_t *cp;
3332 	u32 ver;
3333 	int ret;
3334 	u32 otp_conf0;
3335 
3336 	cp = find_cmd_tbl(argv[1], cmd_otp, ARRAY_SIZE(cmd_otp));
3337 
3338 	/* Drop the otp command */
3339 	argc--;
3340 	argv++;
3341 
3342 	if (!cp || argc > cp->maxargs)
3343 		return CMD_RET_USAGE;
3344 	if (flag == CMD_FLAG_REPEAT && !cmd_is_repeatable(cp))
3345 		return CMD_RET_SUCCESS;
3346 
3347 	ver = chip_version();
3348 	switch (ver) {
3349 	case OTP_A0:
3350 		info_cb.version = OTP_A0;
3351 		info_cb.conf_info = a0_conf_info;
3352 		info_cb.conf_info_len = ARRAY_SIZE(a0_conf_info);
3353 		info_cb.strap_info = a0_strap_info;
3354 		info_cb.strap_info_len = ARRAY_SIZE(a0_strap_info);
3355 		info_cb.key_info = a0_key_type;
3356 		info_cb.key_info_len = ARRAY_SIZE(a0_key_type);
3357 		sprintf(info_cb.ver_name, "A0");
3358 		break;
3359 	case OTP_A1:
3360 		info_cb.version = OTP_A1;
3361 		info_cb.conf_info = a1_conf_info;
3362 		info_cb.conf_info_len = ARRAY_SIZE(a1_conf_info);
3363 		info_cb.strap_info = a1_strap_info;
3364 		info_cb.strap_info_len = ARRAY_SIZE(a1_strap_info);
3365 		info_cb.key_info = a1_key_type;
3366 		info_cb.key_info_len = ARRAY_SIZE(a1_key_type);
3367 		info_cb.scu_info = a1_scu_info;
3368 		info_cb.scu_info_len = ARRAY_SIZE(a1_scu_info);
3369 		sprintf(info_cb.ver_name, "A1");
3370 		break;
3371 	case OTP_A2:
3372 		info_cb.version = OTP_A2;
3373 		info_cb.conf_info = a2_conf_info;
3374 		info_cb.conf_info_len = ARRAY_SIZE(a2_conf_info);
3375 		info_cb.strap_info = a1_strap_info;
3376 		info_cb.strap_info_len = ARRAY_SIZE(a1_strap_info);
3377 		info_cb.key_info = a2_key_type;
3378 		info_cb.key_info_len = ARRAY_SIZE(a2_key_type);
3379 		info_cb.scu_info = a1_scu_info;
3380 		info_cb.scu_info_len = ARRAY_SIZE(a1_scu_info);
3381 		sprintf(info_cb.ver_name, "A2");
3382 		break;
3383 	case OTP_A3:
3384 		info_cb.version = OTP_A3;
3385 		info_cb.conf_info = a3_conf_info;
3386 		info_cb.conf_info_len = ARRAY_SIZE(a3_conf_info);
3387 		info_cb.strap_info = a1_strap_info;
3388 		info_cb.strap_info_len = ARRAY_SIZE(a1_strap_info);
3389 		info_cb.key_info = a3_key_type;
3390 		info_cb.key_info_len = ARRAY_SIZE(a3_key_type);
3391 		info_cb.scu_info = a1_scu_info;
3392 		info_cb.scu_info_len = ARRAY_SIZE(a1_scu_info);
3393 		sprintf(info_cb.ver_name, "A3");
3394 		break;
3395 	default:
3396 		printf("SOC is not supported\n");
3397 		return CMD_RET_FAILURE;
3398 	}
3399 
3400 	writel(OTP_PASSWD, OTP_PROTECT_KEY); //password
3401 	otp_read_conf(0, &otp_conf0);
3402 	pro_sts = &info_cb.pro_sts;
3403 
3404 	pro_sts->mem_lock = (otp_conf0 >> 31) & 0x1;
3405 	pro_sts->pro_key_ret = (otp_conf0 >> 29) & 0x1;
3406 	pro_sts->pro_strap = (otp_conf0 >> 25) & 0x1;
3407 	pro_sts->pro_conf = (otp_conf0 >> 24) & 0x1;
3408 	pro_sts->pro_data = (otp_conf0 >> 23) & 0x1;
3409 	pro_sts->pro_sec = (otp_conf0 >> 22) & 0x1;
3410 	pro_sts->sec_size = ((otp_conf0 >> 16) & 0x3f) << 5;
3411 
3412 	ret = cp->cmd(cmdtp, flag, argc, argv);
3413 	writel(1, OTP_PROTECT_KEY); //protect otp controller
3414 
3415 	return ret;
3416 }
3417 
3418 U_BOOT_CMD(otp, 7, 0,  do_ast_otp,
3419 	   "ASPEED One-Time-Programmable sub-system",
3420 	   "version\n"
3421 	   "otp read conf|data <otp_dw_offset> <dw_count>\n"
3422 	   "otp read strap <strap_bit_offset> <bit_count>\n"
3423 	   "otp info strap [v]\n"
3424 	   "otp info conf [otp_dw_offset]\n"
3425 	   "otp info scu\n"
3426 	   "otp info key\n"
3427 	   "otp prog [o] <addr>\n"
3428 	   "otp pb conf|data [o] <otp_dw_offset> <bit_offset> <value>\n"
3429 	   "otp pb strap [o] <bit_offset> <value>\n"
3430 	   "otp protect [o] <bit_offset>\n"
3431 	   "otp scuprotect [o] <scu_offset> <bit_offset>\n"
3432 	   "otp update [o] <revision_id>\n"
3433 	   "otp rid\n"
3434 	   "otp retire [o] <key_id>\n"
3435 	   "otp verify <addr>\n"
3436 	   "otp invalid [o] <header_offset>\n"
3437 	  );
3438