xref: /openbmc/u-boot/cmd/otp.c (revision 70552e3734430dc896c832b045f6f6bf857d34f7)
1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3  * Copyright 2021 Aspeed Technology Inc.
4  */
5 
6 #include <stdlib.h>
7 #include <common.h>
8 #include <console.h>
9 #include <bootretry.h>
10 #include <cli.h>
11 #include <command.h>
12 #include <console.h>
13 #include <malloc.h>
14 #include <inttypes.h>
15 #include <mapmem.h>
16 #include <asm/io.h>
17 #include <linux/compiler.h>
18 #include <linux/iopoll.h>
19 #include <u-boot/sha256.h>
20 #include <u-boot/sha512.h>
21 #include <u-boot/rsa.h>
22 #include <u-boot/rsa-mod-exp.h>
23 #include <dm.h>
24 #include "otp_info.h"
25 
26 DECLARE_GLOBAL_DATA_PTR;
27 
28 #define OTP_VER				"2.0.0"
29 
30 #define OTP_PASSWD			0x349fe38a
31 #define RETRY				20
32 #define OTP_REGION_STRAP		BIT(0)
33 #define OTP_REGION_CONF			BIT(1)
34 #define OTP_REGION_DATA			BIT(2)
35 
36 #define OTP_USAGE			-1
37 #define OTP_FAILURE			-2
38 #define OTP_SUCCESS			0
39 
40 #define OTP_PROG_SKIP			1
41 
42 #define OTP_KEY_TYPE_RSA_PUB		1
43 #define OTP_KEY_TYPE_RSA_PRIV		2
44 #define OTP_KEY_TYPE_AES		3
45 #define OTP_KEY_TYPE_VAULT		4
46 #define OTP_KEY_TYPE_HMAC		5
47 
48 #define OTP_LIT_END			0
49 #define OTP_BIG_END			1
50 
51 #define OTP_BASE		0x1e6f2000
52 #define OTP_PROTECT_KEY		OTP_BASE
53 #define OTP_COMMAND		OTP_BASE + 0x4
54 #define OTP_TIMING		OTP_BASE + 0x8
55 #define OTP_ADDR		OTP_BASE + 0x10
56 #define OTP_STATUS		OTP_BASE + 0x14
57 #define OTP_COMPARE_1		OTP_BASE + 0x20
58 #define OTP_COMPARE_2		OTP_BASE + 0x24
59 #define OTP_COMPARE_3		OTP_BASE + 0x28
60 #define OTP_COMPARE_4		OTP_BASE + 0x2c
61 #define SW_REV_ID0		OTP_BASE + 0x68
62 #define SW_REV_ID1		OTP_BASE + 0x6c
63 #define SEC_KEY_NUM		OTP_BASE + 0x78
64 
65 #define OTP_MAGIC		"SOCOTP"
66 #define CHECKSUM_LEN		64
67 #define OTP_INC_DATA		BIT(31)
68 #define OTP_INC_CONFIG		BIT(30)
69 #define OTP_INC_STRAP		BIT(29)
70 #define OTP_ECC_EN		BIT(28)
71 #define OTP_INC_SCU_PRO		BIT(25)
72 #define OTP_REGION_SIZE(info)	((info >> 16) & 0xffff)
73 #define OTP_REGION_OFFSET(info)	(info & 0xffff)
74 #define OTP_IMAGE_SIZE(info)	(info & 0xffff)
75 
76 #define OTP_A0		0
77 #define OTP_A1		1
78 #define OTP_A2		2
79 #define OTP_A3		3
80 
81 #define ID0_AST2600A0	0x05000303
82 #define ID1_AST2600A0	0x05000303
83 #define ID0_AST2600A1	0x05010303
84 #define ID1_AST2600A1	0x05010303
85 #define ID0_AST2600A2	0x05010303
86 #define ID1_AST2600A2	0x05020303
87 #define ID0_AST2600A3	0x05030303
88 #define ID1_AST2600A3	0x05030303
89 #define ID0_AST2620A1	0x05010203
90 #define ID1_AST2620A1	0x05010203
91 #define ID0_AST2620A2	0x05010203
92 #define ID1_AST2620A2	0x05020203
93 #define ID0_AST2620A3	0x05030203
94 #define ID1_AST2620A3	0x05030203
95 #define ID0_AST2620A3	0x05030203
96 #define ID1_AST2620A3	0x05030203
97 #define ID0_AST2605A2	0x05010103
98 #define ID1_AST2605A2	0x05020103
99 #define ID0_AST2605A3	0x05030103
100 #define ID1_AST2605A3	0x05030103
101 #define ID0_AST2625A3	0x05030403
102 #define ID1_AST2625A3	0x05030403
103 
104 #define SOC_AST2600A0	0
105 #define SOC_AST2600A1	1
106 #define SOC_AST2600A2	2
107 #define SOC_AST2600A3	3
108 
109 #define OTPTOOL_VERSION(a, b, c) (((a) << 24) + ((b) << 12) + (c))
110 #define OTPTOOL_VERSION_MAJOR(x) (((x) >> 24) & 0xff)
111 #define OTPTOOL_VERSION_PATCHLEVEL(x) (((x) >> 12) & 0xfff)
112 #define OTPTOOL_VERSION_SUBLEVEL(x) ((x) & 0xfff)
113 #define OTPTOOL_COMPT_VERSION 2
114 
115 struct otp_header {
116 	u8	otp_magic[8];
117 	u32	soc_ver;
118 	u32	otptool_ver;
119 	u32	image_info;
120 	u32	data_info;
121 	u32	config_info;
122 	u32	strap_info;
123 	u32	scu_protect_info;
124 	u32	checksum_offset;
125 } __packed;
126 
127 struct otpstrap_status {
128 	int value;
129 	int option_array[7];
130 	int remain_times;
131 	int writeable_option;
132 	int protected;
133 };
134 
135 struct otpkey_type {
136 	int value;
137 	int key_type;
138 	int order;
139 	int need_id;
140 	char information[110];
141 };
142 
143 struct otp_pro_sts {
144 	char mem_lock;
145 	char pro_key_ret;
146 	char pro_strap;
147 	char pro_conf;
148 	char pro_data;
149 	char pro_sec;
150 	u32 sec_size;
151 };
152 
153 struct otp_info_cb {
154 	int version;
155 	char ver_name[3];
156 	const struct otpstrap_info *strap_info;
157 	int strap_info_len;
158 	const struct otpconf_info *conf_info;
159 	int conf_info_len;
160 	const struct otpkey_type *key_info;
161 	int key_info_len;
162 	const struct scu_info *scu_info;
163 	int scu_info_len;
164 	struct otp_pro_sts pro_sts;
165 };
166 
167 struct otp_image_layout {
168 	int data_length;
169 	int conf_length;
170 	int strap_length;
171 	int scu_pro_length;
172 	u8 *data;
173 	u8 *data_ignore;
174 	u8 *conf;
175 	u8 *conf_ignore;
176 	u8 *strap;
177 	u8 *strap_pro;
178 	u8 *strap_ignore;
179 	u8 *scu_pro;
180 	u8 *scu_pro_ignore;
181 };
182 
183 struct sb_info {
184 	int header_offset;
185 	int secure_region;
186 	int rsa_algo;
187 	int sha_algo;
188 	int digest_len;
189 	int retire_list[8];
190 	int enc_flag;
191 };
192 
193 struct key_list {
194 	const struct otpkey_type *key_info;
195 	int offset;
196 	int id;
197 	int retire;
198 };
199 
200 struct sb_header {
201 	u32 aes_data_offset;
202 	u32 enc_offset;
203 	u32 sign_image_size;
204 	u32 signature_offset;
205 	u32 revision_low;
206 	u32 revision_high;
207 	u32 reserved;
208 	u32 bl1_header_checksum;
209 };
210 
211 static struct otp_info_cb info_cb;
212 
213 static const struct otpkey_type a0_key_type[] = {
214 	{0, OTP_KEY_TYPE_AES,       OTP_LIT_END, 0, "AES-256 as OEM platform key for image encryption/decryption"},
215 	{1, OTP_KEY_TYPE_VAULT,     OTP_LIT_END, 0, "AES-256 as secret vault key"},
216 	{4, OTP_KEY_TYPE_HMAC,      OTP_LIT_END, 1, "HMAC as encrypted OEM HMAC keys in Mode 1"},
217 	{8, OTP_KEY_TYPE_RSA_PUB,   OTP_LIT_END, 1, "RSA-public as OEM DSS public keys in Mode 2"},
218 	{9, OTP_KEY_TYPE_RSA_PUB,   OTP_LIT_END, 0, "RSA-public as SOC public key"},
219 	{10, OTP_KEY_TYPE_RSA_PUB,  OTP_LIT_END, 0, "RSA-public as AES key decryption key"},
220 	{13, OTP_KEY_TYPE_RSA_PRIV, OTP_LIT_END, 0, "RSA-private as SOC private key"},
221 	{14, OTP_KEY_TYPE_RSA_PRIV, OTP_LIT_END, 0, "RSA-private as AES key decryption key"},
222 };
223 
224 static const struct otpkey_type a1_key_type[] = {
225 	{1, OTP_KEY_TYPE_VAULT,     OTP_LIT_END, 0, "AES-256 as secret vault key"},
226 	{2, OTP_KEY_TYPE_AES,       OTP_LIT_END, 1, "AES-256 as OEM platform key for image encryption/decryption in Mode 2 or AES-256 as OEM DSS keys for Mode GCM"},
227 	{8, OTP_KEY_TYPE_RSA_PUB,   OTP_LIT_END, 1, "RSA-public as OEM DSS public keys in Mode 2"},
228 	{10, OTP_KEY_TYPE_RSA_PUB,  OTP_LIT_END, 0, "RSA-public as AES key decryption key"},
229 	{14, OTP_KEY_TYPE_RSA_PRIV, OTP_LIT_END, 0, "RSA-private as AES key decryption key"},
230 };
231 
232 static const struct otpkey_type a2_key_type[] = {
233 	{1, OTP_KEY_TYPE_VAULT,     OTP_LIT_END, 0, "AES-256 as secret vault key"},
234 	{2, OTP_KEY_TYPE_AES,       OTP_LIT_END, 1, "AES-256 as OEM platform key for image encryption/decryption in Mode 2 or AES-256 as OEM DSS keys for Mode GCM"},
235 	{8, OTP_KEY_TYPE_RSA_PUB,   OTP_LIT_END, 1, "RSA-public as OEM DSS public keys in Mode 2"},
236 	{10, OTP_KEY_TYPE_RSA_PUB,  OTP_LIT_END, 0, "RSA-public as AES key decryption key"},
237 	{14, OTP_KEY_TYPE_RSA_PRIV, OTP_LIT_END, 0, "RSA-private as AES key decryption key"},
238 };
239 
240 static const struct otpkey_type a3_key_type[] = {
241 	{1, OTP_KEY_TYPE_VAULT,     OTP_LIT_END, 0, "AES-256 as secret vault key"},
242 	{2, OTP_KEY_TYPE_AES,       OTP_LIT_END, 1, "AES-256 as OEM platform key for image encryption/decryption in Mode 2 or AES-256 as OEM DSS keys for Mode GCM"},
243 	{8, OTP_KEY_TYPE_RSA_PUB,   OTP_LIT_END, 1, "RSA-public as OEM DSS public keys in Mode 2"},
244 	{9, OTP_KEY_TYPE_RSA_PUB,   OTP_BIG_END, 1, "RSA-public as OEM DSS public keys in Mode 2(big endian)"},
245 	{10, OTP_KEY_TYPE_RSA_PUB,  OTP_LIT_END, 0, "RSA-public as AES key decryption key"},
246 	{11, OTP_KEY_TYPE_RSA_PUB,  OTP_BIG_END, 0, "RSA-public as AES key decryption key(big endian)"},
247 	{12, OTP_KEY_TYPE_RSA_PRIV, OTP_LIT_END, 0, "RSA-private as AES key decryption key"},
248 	{13, OTP_KEY_TYPE_RSA_PRIV, OTP_BIG_END, 0, "RSA-private as AES key decryption key(big endian)"},
249 };
250 
251 static void buf_print(u8 *buf, int len)
252 {
253 	int i;
254 
255 	printf("      00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F\n");
256 	for (i = 0; i < len; i++) {
257 		if (i % 16 == 0)
258 			printf("%04X: ", i);
259 		printf("%02X ", buf[i]);
260 		if ((i + 1) % 16 == 0)
261 			printf("\n");
262 	}
263 	printf("\n");
264 }
265 
266 static int get_dw_bit(u32 *rid, int offset)
267 {
268 	int bit_offset;
269 	int i;
270 
271 	if (offset < 32) {
272 		i = 0;
273 		bit_offset = offset;
274 	} else {
275 		i = 1;
276 		bit_offset = offset - 32;
277 	}
278 	if ((rid[i] >> bit_offset) & 0x1)
279 		return 1;
280 	else
281 		return 0;
282 }
283 
284 static int get_rid_num(u32 *rid)
285 {
286 	int i;
287 	int fz = 0;
288 	int rid_num = 0;
289 	int ret = 0;
290 
291 	for (i = 0; i < 64; i++) {
292 		if (get_dw_bit(rid, i) == 0) {
293 			if (!fz)
294 				fz = 1;
295 
296 		} else {
297 			rid_num++;
298 			if (fz)
299 				ret = OTP_FAILURE;
300 		}
301 	}
302 	if (ret)
303 		return ret;
304 
305 	return rid_num;
306 }
307 
308 static void sb_sha256(u8 *src, u32 len, u8 *digest_ret)
309 {
310 	sha256_context ctx;
311 
312 	sha256_starts(&ctx);
313 	sha256_update(&ctx, src, len);
314 	sha256_finish(&ctx, digest_ret);
315 }
316 
317 static void sb_sha384(u8 *src, u32 len, u8 *digest_ret)
318 {
319 	sha512_context ctx;
320 
321 	sha384_starts(&ctx);
322 	sha384_update(&ctx, src, len);
323 	sha384_finish(&ctx, digest_ret);
324 }
325 
326 static void sb_sha512(u8 *src, u32 len, u8 *digest_ret)
327 {
328 	sha512_context ctx;
329 
330 	sha512_starts(&ctx);
331 	sha512_update(&ctx, src, len);
332 	sha512_finish(&ctx, digest_ret);
333 }
334 
335 static u32 chip_version(void)
336 {
337 	u32 revid0, revid1;
338 
339 	revid0 = readl(ASPEED_REVISION_ID0);
340 	revid1 = readl(ASPEED_REVISION_ID1);
341 
342 	if (revid0 == ID0_AST2600A0 && revid1 == ID1_AST2600A0) {
343 		/* AST2600-A0 */
344 		return OTP_A0;
345 	} else if (revid0 == ID0_AST2600A1 && revid1 == ID1_AST2600A1) {
346 		/* AST2600-A1 */
347 		return OTP_A1;
348 	} else if (revid0 == ID0_AST2600A2 && revid1 == ID1_AST2600A2) {
349 		/* AST2600-A2 */
350 		return OTP_A2;
351 	} else if (revid0 == ID0_AST2600A3 && revid1 == ID1_AST2600A3) {
352 		/* AST2600-A3 */
353 		return OTP_A3;
354 	} else if (revid0 == ID0_AST2620A1 && revid1 == ID1_AST2620A1) {
355 		/* AST2620-A1 */
356 		return OTP_A1;
357 	} else if (revid0 == ID0_AST2620A2 && revid1 == ID1_AST2620A2) {
358 		/* AST2620-A2 */
359 		return OTP_A2;
360 	} else if (revid0 == ID0_AST2620A3 && revid1 == ID1_AST2620A3) {
361 		/* AST2620-A3 */
362 		return OTP_A3;
363 	} else if (revid0 == ID0_AST2605A2 && revid1 == ID1_AST2605A2) {
364 		/* AST2605-A2 */
365 		return OTP_A2;
366 	} else if (revid0 == ID0_AST2605A3 && revid1 == ID1_AST2605A3) {
367 		/* AST2605-A3 */
368 		return OTP_A3;
369 	} else if (revid0 == ID0_AST2625A3 && revid1 == ID1_AST2625A3) {
370 		/* AST2605-A3 */
371 		return OTP_A3;
372 	}
373 	return OTP_FAILURE;
374 }
375 
376 static int wait_complete(void)
377 {
378 	u32 val;
379 	int ret;
380 
381 	udelay(1);
382 	ret = readl_poll_timeout(OTP_STATUS, val, (val & 0x6) == 0x6, 100000);
383 	if (ret)
384 		printf("%s: timeout, SEC14 = 0x%x\n", __func__, val);
385 
386 	return ret;
387 }
388 
389 static void otp_write(u32 otp_addr, u32 data)
390 {
391 	writel(otp_addr, OTP_ADDR); //write address
392 	writel(data, OTP_COMPARE_1); //write data
393 	writel(0x23b1e362, OTP_COMMAND); //write command
394 	wait_complete();
395 }
396 
397 static void otp_soak(int soak)
398 {
399 	if (info_cb.version == OTP_A2 || info_cb.version == OTP_A3) {
400 		switch (soak) {
401 		case 0: //default
402 			otp_write(0x3000, 0x0); // Write MRA
403 			otp_write(0x5000, 0x0); // Write MRB
404 			otp_write(0x1000, 0x0); // Write MR
405 			break;
406 		case 1: //normal program
407 			otp_write(0x3000, 0x1320); // Write MRA
408 			otp_write(0x5000, 0x1008); // Write MRB
409 			otp_write(0x1000, 0x0024); // Write MR
410 			writel(0x04191388, OTP_TIMING); // 200us
411 			break;
412 		case 2: //soak program
413 			otp_write(0x3000, 0x1320); // Write MRA
414 			otp_write(0x5000, 0x0007); // Write MRB
415 			otp_write(0x1000, 0x0100); // Write MR
416 			writel(0x04193a98, OTP_TIMING); // 600us
417 			break;
418 		}
419 	} else {
420 		switch (soak) {
421 		case 0: //default
422 			otp_write(0x3000, 0x0); // Write MRA
423 			otp_write(0x5000, 0x0); // Write MRB
424 			otp_write(0x1000, 0x0); // Write MR
425 			break;
426 		case 1: //normal program
427 			otp_write(0x3000, 0x4021); // Write MRA
428 			otp_write(0x5000, 0x302f); // Write MRB
429 			otp_write(0x1000, 0x4020); // Write MR
430 			writel(0x04190760, OTP_TIMING); // 75us
431 			break;
432 		case 2: //soak program
433 			otp_write(0x3000, 0x4021); // Write MRA
434 			otp_write(0x5000, 0x1027); // Write MRB
435 			otp_write(0x1000, 0x4820); // Write MR
436 			writel(0x041930d4, OTP_TIMING); // 500us
437 			break;
438 		}
439 	}
440 
441 	wait_complete();
442 }
443 
444 static void otp_read_data(u32 offset, u32 *data)
445 {
446 	writel(offset, OTP_ADDR); //Read address
447 	writel(0x23b1e361, OTP_COMMAND); //trigger read
448 	wait_complete();
449 	data[0] = readl(OTP_COMPARE_1);
450 	data[1] = readl(OTP_COMPARE_2);
451 }
452 
453 static void otp_read_conf(u32 offset, u32 *data)
454 {
455 	int config_offset;
456 
457 	config_offset = 0x800;
458 	config_offset |= (offset / 8) * 0x200;
459 	config_offset |= (offset % 8) * 0x2;
460 
461 	writel(config_offset, OTP_ADDR);  //Read address
462 	writel(0x23b1e361, OTP_COMMAND); //trigger read
463 	wait_complete();
464 	data[0] = readl(OTP_COMPARE_1);
465 }
466 
467 static int otp_compare(u32 otp_addr, u32 addr)
468 {
469 	u32 ret;
470 	u32 *buf;
471 
472 	buf = map_physmem(addr, 16, MAP_WRBACK);
473 	printf("%08X\n", buf[0]);
474 	printf("%08X\n", buf[1]);
475 	printf("%08X\n", buf[2]);
476 	printf("%08X\n", buf[3]);
477 	writel(otp_addr, OTP_ADDR); //Compare address
478 	writel(buf[0], OTP_COMPARE_1); //Compare data 1
479 	writel(buf[1], OTP_COMPARE_2); //Compare data 2
480 	writel(buf[2], OTP_COMPARE_3); //Compare data 3
481 	writel(buf[3], OTP_COMPARE_4); //Compare data 4
482 	writel(0x23b1e363, OTP_COMMAND); //Compare command
483 	wait_complete();
484 	ret = readl(OTP_STATUS); //Compare command
485 	if (ret & 0x1)
486 		return OTP_SUCCESS;
487 	else
488 		return OTP_FAILURE;
489 }
490 
491 static int verify_bit(u32 otp_addr, int bit_offset, int value)
492 {
493 	u32 ret[2];
494 
495 	if (otp_addr % 2 == 0)
496 		writel(otp_addr, OTP_ADDR); //Read address
497 	else
498 		writel(otp_addr - 1, OTP_ADDR); //Read address
499 
500 	writel(0x23b1e361, OTP_COMMAND); //trigger read
501 	wait_complete();
502 	ret[0] = readl(OTP_COMPARE_1);
503 	ret[1] = readl(OTP_COMPARE_2);
504 
505 	if (otp_addr % 2 == 0) {
506 		if (((ret[0] >> bit_offset) & 1) == value)
507 			return OTP_SUCCESS;
508 		else
509 			return OTP_FAILURE;
510 	} else {
511 		if (((ret[1] >> bit_offset) & 1) == value)
512 			return OTP_SUCCESS;
513 		else
514 			return OTP_FAILURE;
515 	}
516 }
517 
518 static u32 verify_dw(u32 otp_addr, u32 *value, u32 *ignore, u32 *compare, int size)
519 {
520 	u32 ret[2];
521 
522 	otp_addr &= ~(1 << 15);
523 
524 	if (otp_addr % 2 == 0)
525 		writel(otp_addr, OTP_ADDR); //Read address
526 	else
527 		writel(otp_addr - 1, OTP_ADDR); //Read address
528 	writel(0x23b1e361, OTP_COMMAND); //trigger read
529 	wait_complete();
530 	ret[0] = readl(OTP_COMPARE_1);
531 	ret[1] = readl(OTP_COMPARE_2);
532 	if (size == 1) {
533 		if (otp_addr % 2 == 0) {
534 			// printf("check %x : %x = %x\n", otp_addr, ret[0], value[0]);
535 			if ((value[0] & ~ignore[0]) == (ret[0] & ~ignore[0])) {
536 				compare[0] = 0;
537 				return OTP_SUCCESS;
538 			}
539 			compare[0] = value[0] ^ ret[0];
540 			return OTP_FAILURE;
541 
542 		} else {
543 			// printf("check %x : %x = %x\n", otp_addr, ret[1], value[0]);
544 			if ((value[0] & ~ignore[0]) == (ret[1] & ~ignore[0])) {
545 				compare[0] = ~0;
546 				return OTP_SUCCESS;
547 			}
548 			compare[0] = ~(value[0] ^ ret[1]);
549 			return OTP_FAILURE;
550 		}
551 	} else if (size == 2) {
552 		// otp_addr should be even
553 		if ((value[0] & ~ignore[0]) == (ret[0] & ~ignore[0]) && (value[1] & ~ignore[1]) == (ret[1] & ~ignore[1])) {
554 			// printf("check[0] %x : %x = %x\n", otp_addr, ret[0], value[0]);
555 			// printf("check[1] %x : %x = %x\n", otp_addr, ret[1], value[1]);
556 			compare[0] = 0;
557 			compare[1] = ~0;
558 			return OTP_SUCCESS;
559 		}
560 		// printf("check[0] %x : %x = %x\n", otp_addr, ret[0], value[0]);
561 		// printf("check[1] %x : %x = %x\n", otp_addr, ret[1], value[1]);
562 		compare[0] = value[0] ^ ret[0];
563 		compare[1] = ~(value[1] ^ ret[1]);
564 		return OTP_FAILURE;
565 	} else {
566 		return OTP_FAILURE;
567 	}
568 }
569 
570 static int otp_prog(u32 otp_addr, u32 prog_bit)
571 {
572 	otp_write(0x0, prog_bit);
573 	writel(otp_addr, OTP_ADDR); //write address
574 	writel(prog_bit, OTP_COMPARE_1); //write data
575 	writel(0x23b1e364, OTP_COMMAND); //write command
576 
577 	return wait_complete();
578 }
579 
580 static int _otp_prog_bit(u32 value, u32 prog_address, u32 bit_offset)
581 {
582 	int prog_bit;
583 
584 	if (prog_address % 2 == 0) {
585 		if (value)
586 			prog_bit = ~(0x1 << bit_offset);
587 		else
588 			return 0;
589 	} else {
590 		if (info_cb.version != OTP_A3)
591 			prog_address |= 1 << 15;
592 		if (!value)
593 			prog_bit = 0x1 << bit_offset;
594 		else
595 			return 0;
596 	}
597 	return otp_prog(prog_address, prog_bit);
598 }
599 
600 static int otp_prog_dc_b(u32 value, u32 prog_address, u32 bit_offset)
601 {
602 	int pass;
603 	int i;
604 	int ret;
605 
606 	otp_soak(1);
607 	ret = _otp_prog_bit(value, prog_address, bit_offset);
608 	if (ret)
609 		return OTP_FAILURE;
610 	pass = 0;
611 
612 	for (i = 0; i < RETRY; i++) {
613 		if (verify_bit(prog_address, bit_offset, value) != 0) {
614 			otp_soak(2);
615 			ret = _otp_prog_bit(value, prog_address, bit_offset);
616 			if (ret)
617 				return OTP_FAILURE;
618 			if (verify_bit(prog_address, bit_offset, value) != 0) {
619 				otp_soak(1);
620 			} else {
621 				pass = 1;
622 				break;
623 			}
624 		} else {
625 			pass = 1;
626 			break;
627 		}
628 	}
629 	if (pass)
630 		return OTP_SUCCESS;
631 
632 	return OTP_FAILURE;
633 }
634 
635 static int otp_prog_dw(u32 value, u32 ignore, u32 prog_address)
636 {
637 	int j, bit_value, prog_bit;
638 	int ret;
639 
640 	for (j = 0; j < 32; j++) {
641 		if ((ignore >> j) & 0x1)
642 			continue;
643 		bit_value = (value >> j) & 0x1;
644 		if (prog_address % 2 == 0) {
645 			if (bit_value)
646 				prog_bit = ~(0x1 << j);
647 			else
648 				continue;
649 		} else {
650 			if (info_cb.version != OTP_A3)
651 				prog_address |= 1 << 15;
652 			if (bit_value)
653 				continue;
654 			else
655 				prog_bit = 0x1 << j;
656 		}
657 		ret = otp_prog(prog_address, prog_bit);
658 		if (ret)
659 			return ret;
660 	}
661 	return 0;
662 }
663 
664 static int otp_prog_verify_2dw(u32 *data, u32 *buf, u32 *ignore_mask, u32 prog_address)
665 {
666 	int pass;
667 	int i;
668 	u32 data0_masked;
669 	u32 data1_masked;
670 	u32 buf0_masked;
671 	u32 buf1_masked;
672 	u32 compare[2];
673 	int ret;
674 
675 	data0_masked = data[0]  & ~ignore_mask[0];
676 	buf0_masked  = buf[0] & ~ignore_mask[0];
677 	data1_masked = data[1]  & ~ignore_mask[1];
678 	buf1_masked  = buf[1] & ~ignore_mask[1];
679 	if (data0_masked == buf0_masked && data1_masked == buf1_masked)
680 		return OTP_SUCCESS;
681 
682 	for (i = 0; i < 32; i++) {
683 		if (((data0_masked >> i) & 0x1) == 1 && ((buf0_masked >> i) & 0x1) == 0)
684 			return OTP_FAILURE;
685 		if (((data1_masked >> i) & 0x1) == 0 && ((buf1_masked >> i) & 0x1) == 1)
686 			return OTP_FAILURE;
687 	}
688 
689 	otp_soak(1);
690 	if (data0_masked != buf0_masked) {
691 		ret = otp_prog_dw(buf[0], ignore_mask[0], prog_address);
692 		if (ret)
693 			return OTP_FAILURE;
694 	}
695 
696 	if (data1_masked != buf1_masked) {
697 		ret = otp_prog_dw(buf[1], ignore_mask[1], prog_address + 1);
698 		if (ret)
699 			return OTP_FAILURE;
700 	}
701 
702 	pass = 0;
703 	for (i = 0; i < RETRY; i++) {
704 		if (verify_dw(prog_address, buf, ignore_mask, compare, 2) != 0) {
705 			otp_soak(2);
706 			if (compare[0] != 0) {
707 				ret = otp_prog_dw(compare[0], ignore_mask[0], prog_address);
708 				if (ret)
709 					return OTP_FAILURE;
710 			}
711 			if (compare[1] != ~0) {
712 				ret = otp_prog_dw(compare[1], ignore_mask[1], prog_address + 1);
713 				if (ret)
714 					return OTP_FAILURE;
715 			}
716 			if (verify_dw(prog_address, buf, ignore_mask, compare, 2) != 0) {
717 				otp_soak(1);
718 			} else {
719 				pass = 1;
720 				break;
721 			}
722 		} else {
723 			pass = 1;
724 			break;
725 		}
726 	}
727 
728 	if (!pass) {
729 		otp_soak(0);
730 		return OTP_FAILURE;
731 	}
732 	return OTP_SUCCESS;
733 }
734 
735 static void otp_strap_status(struct otpstrap_status *otpstrap)
736 {
737 	u32 OTPSTRAP_RAW[2];
738 	int strap_end;
739 	int i, j;
740 
741 	if (info_cb.version == OTP_A0) {
742 		for (j = 0; j < 64; j++) {
743 			otpstrap[j].value = 0;
744 			otpstrap[j].remain_times = 7;
745 			otpstrap[j].writeable_option = -1;
746 			otpstrap[j].protected = 0;
747 		}
748 		strap_end = 30;
749 	} else {
750 		for (j = 0; j < 64; j++) {
751 			otpstrap[j].value = 0;
752 			otpstrap[j].remain_times = 6;
753 			otpstrap[j].writeable_option = -1;
754 			otpstrap[j].protected = 0;
755 		}
756 		strap_end = 28;
757 	}
758 
759 	otp_soak(0);
760 	for (i = 16; i < strap_end; i += 2) {
761 		int option = (i - 16) / 2;
762 
763 		otp_read_conf(i, &OTPSTRAP_RAW[0]);
764 		otp_read_conf(i + 1, &OTPSTRAP_RAW[1]);
765 		for (j = 0; j < 32; j++) {
766 			char bit_value = ((OTPSTRAP_RAW[0] >> j) & 0x1);
767 
768 			if (bit_value == 0 && otpstrap[j].writeable_option == -1)
769 				otpstrap[j].writeable_option = option;
770 			if (bit_value == 1)
771 				otpstrap[j].remain_times--;
772 			otpstrap[j].value ^= bit_value;
773 			otpstrap[j].option_array[option] = bit_value;
774 		}
775 		for (j = 32; j < 64; j++) {
776 			char bit_value = ((OTPSTRAP_RAW[1] >> (j - 32)) & 0x1);
777 
778 			if (bit_value == 0 && otpstrap[j].writeable_option == -1)
779 				otpstrap[j].writeable_option = option;
780 			if (bit_value == 1)
781 				otpstrap[j].remain_times--;
782 			otpstrap[j].value ^= bit_value;
783 			otpstrap[j].option_array[option] = bit_value;
784 		}
785 	}
786 
787 	otp_read_conf(30, &OTPSTRAP_RAW[0]);
788 	otp_read_conf(31, &OTPSTRAP_RAW[1]);
789 	for (j = 0; j < 32; j++) {
790 		if (((OTPSTRAP_RAW[0] >> j) & 0x1) == 1)
791 			otpstrap[j].protected = 1;
792 	}
793 	for (j = 32; j < 64; j++) {
794 		if (((OTPSTRAP_RAW[1] >> (j - 32)) & 0x1) == 1)
795 			otpstrap[j].protected = 1;
796 	}
797 }
798 
799 static int otp_strap_bit_confirm(struct otpstrap_status *otpstrap, int offset, int ibit, int bit, int pbit)
800 {
801 	int prog_flag = 0;
802 
803 	// ignore this bit
804 	if (ibit == 1)
805 		return OTP_SUCCESS;
806 	printf("OTPSTRAP[0x%X]:\n", offset);
807 
808 	if (bit == otpstrap->value) {
809 		if (!pbit) {
810 			printf("    The value is same as before, skip it.\n");
811 			return OTP_PROG_SKIP;
812 		}
813 		printf("    The value is same as before.\n");
814 	} else {
815 		prog_flag = 1;
816 	}
817 	if (otpstrap->protected == 1 && prog_flag) {
818 		printf("    This bit is protected and is not writable\n");
819 		return OTP_FAILURE;
820 	}
821 	if (otpstrap->remain_times == 0 && prog_flag) {
822 		printf("    This bit has no remaining chance to write.\n");
823 		return OTP_FAILURE;
824 	}
825 	if (pbit == 1)
826 		printf("    This bit will be protected and become non-writable.\n");
827 	if (prog_flag)
828 		printf("    Write 1 to OTPSTRAP[0x%X] OPTION[0x%X], that value becomes from 0x%X to 0x%X.\n", offset, otpstrap->writeable_option + 1, otpstrap->value, otpstrap->value ^ 1);
829 
830 	return OTP_SUCCESS;
831 }
832 
833 static int otp_prog_strap_b(int bit_offset, int value)
834 {
835 	struct otpstrap_status otpstrap[64];
836 	u32 prog_address;
837 	int offset;
838 	int ret;
839 
840 	otp_strap_status(otpstrap);
841 
842 	ret = otp_strap_bit_confirm(&otpstrap[bit_offset], bit_offset, 0, value, 0);
843 
844 	if (ret != OTP_SUCCESS)
845 		return ret;
846 
847 	prog_address = 0x800;
848 	if (bit_offset < 32) {
849 		offset = bit_offset;
850 		prog_address |= ((otpstrap[bit_offset].writeable_option * 2 + 16) / 8) * 0x200;
851 		prog_address |= ((otpstrap[bit_offset].writeable_option * 2 + 16) % 8) * 0x2;
852 
853 	} else {
854 		offset = (bit_offset - 32);
855 		prog_address |= ((otpstrap[bit_offset].writeable_option * 2 + 17) / 8) * 0x200;
856 		prog_address |= ((otpstrap[bit_offset].writeable_option * 2 + 17) % 8) * 0x2;
857 	}
858 
859 	return otp_prog_dc_b(1, prog_address, offset);
860 }
861 
862 static int otp_print_conf(u32 offset, int dw_count)
863 {
864 	int i;
865 	u32 ret[1];
866 
867 	if (offset + dw_count > 32)
868 		return OTP_USAGE;
869 	otp_soak(0);
870 	for (i = offset; i < offset + dw_count; i++) {
871 		otp_read_conf(i, ret);
872 		printf("OTPCFG0x%X: 0x%08X\n", i, ret[0]);
873 	}
874 	printf("\n");
875 	return OTP_SUCCESS;
876 }
877 
878 static int otp_print_data(u32 offset, int dw_count)
879 {
880 	int i;
881 	u32 ret[2];
882 
883 	if (offset + dw_count > 2048 || offset % 4 != 0)
884 		return OTP_USAGE;
885 	otp_soak(0);
886 	for (i = offset; i < offset + dw_count; i += 2) {
887 		otp_read_data(i, ret);
888 		if (i % 4 == 0)
889 			printf("%03X: %08X %08X ", i * 4, ret[0], ret[1]);
890 		else
891 			printf("%08X %08X\n", ret[0], ret[1]);
892 	}
893 	printf("\n");
894 	return OTP_SUCCESS;
895 }
896 
897 static int otp_print_strap(int start, int count)
898 {
899 	int i, j;
900 	int remains;
901 	struct otpstrap_status otpstrap[64];
902 
903 	if (start < 0 || start > 64)
904 		return OTP_USAGE;
905 
906 	if ((start + count) < 0 || (start + count) > 64)
907 		return OTP_USAGE;
908 
909 	otp_strap_status(otpstrap);
910 
911 	if (info_cb.version == OTP_A0)
912 		remains = 7;
913 	else
914 		remains = 6;
915 	printf("BIT(hex)  Value  Option           Status\n");
916 	printf("______________________________________________________________________________\n");
917 
918 	for (i = start; i < start + count; i++) {
919 		printf("0x%-8X", i);
920 		printf("%-7d", otpstrap[i].value);
921 		for (j = 0; j < remains; j++)
922 			printf("%d ", otpstrap[i].option_array[j]);
923 		printf("   ");
924 		if (otpstrap[i].protected == 1) {
925 			printf("protected and not writable");
926 		} else {
927 			printf("not protected ");
928 			if (otpstrap[i].remain_times == 0)
929 				printf("and no remaining times to write.");
930 			else
931 				printf("and still can write %d times", otpstrap[i].remain_times);
932 		}
933 		printf("\n");
934 	}
935 
936 	return OTP_SUCCESS;
937 }
938 
939 static void otp_print_revid(u32 *rid)
940 {
941 	int bit_offset;
942 	int i, j;
943 
944 	printf("     0  1  2  3  4  5  6  7  8  9  a  b  c  d  e  f\n");
945 	printf("___________________________________________________\n");
946 	for (i = 0; i < 64; i++) {
947 		if (i < 32) {
948 			j = 0;
949 			bit_offset = i;
950 		} else {
951 			j = 1;
952 			bit_offset = i - 32;
953 		}
954 		if (i % 16 == 0)
955 			printf("%2x | ", i);
956 		printf("%d  ", (rid[j] >> bit_offset) & 0x1);
957 		if ((i + 1) % 16 == 0)
958 			printf("\n");
959 	}
960 }
961 
962 static int otp_print_scu_image(struct otp_image_layout *image_layout)
963 {
964 	const struct scu_info *scu_info = info_cb.scu_info;
965 	u32 *OTPSCU = (u32 *)image_layout->scu_pro;
966 	u32 *OTPSCU_IGNORE = (u32 *)image_layout->scu_pro_ignore;
967 	int i;
968 	u32 scu_offset;
969 	u32 dw_offset;
970 	u32 bit_offset;
971 	u32 mask;
972 	u32 otp_value;
973 	u32 otp_ignore;
974 
975 	printf("SCU     BIT          reg_protect     Description\n");
976 	printf("____________________________________________________________________\n");
977 	for (i = 0; i < info_cb.scu_info_len; i++) {
978 		mask = BIT(scu_info[i].length) - 1;
979 
980 		if (scu_info[i].bit_offset > 31) {
981 			scu_offset = 0x510;
982 			dw_offset = 1;
983 			bit_offset = scu_info[i].bit_offset - 32;
984 		} else {
985 			scu_offset = 0x500;
986 			dw_offset = 0;
987 			bit_offset = scu_info[i].bit_offset;
988 		}
989 
990 		otp_value = (OTPSCU[dw_offset] >> bit_offset) & mask;
991 		otp_ignore = (OTPSCU_IGNORE[dw_offset] >> bit_offset) & mask;
992 
993 		if (otp_ignore == mask)
994 			continue;
995 		else if (otp_ignore != 0)
996 			return OTP_FAILURE;
997 
998 		if (otp_value != 0 && otp_value != mask)
999 			return OTP_FAILURE;
1000 
1001 		printf("0x%-6X", scu_offset);
1002 		if (scu_info[i].length == 1)
1003 			printf("0x%-11X", bit_offset);
1004 		else
1005 			printf("0x%-2X:0x%-6x", bit_offset, bit_offset + scu_info[i].length - 1);
1006 		printf("0x%-14X", otp_value);
1007 		printf("%s\n", scu_info[i].information);
1008 	}
1009 	return OTP_SUCCESS;
1010 }
1011 
1012 static void otp_print_scu_info(void)
1013 {
1014 	const struct scu_info *scu_info = info_cb.scu_info;
1015 	u32 OTPCFG[2];
1016 	u32 scu_offset;
1017 	u32 bit_offset;
1018 	u32 reg_p;
1019 	u32 length;
1020 	int i, j;
1021 
1022 	otp_soak(0);
1023 	otp_read_conf(28, &OTPCFG[0]);
1024 	otp_read_conf(29, &OTPCFG[1]);
1025 	printf("SCU     BIT   reg_protect     Description\n");
1026 	printf("____________________________________________________________________\n");
1027 	for (i = 0; i < info_cb.scu_info_len; i++) {
1028 		length = scu_info[i].length;
1029 		for (j = 0; j < length; j++) {
1030 			if (scu_info[i].bit_offset + j < 32) {
1031 				scu_offset = 0x500;
1032 				bit_offset = scu_info[i].bit_offset + j;
1033 				reg_p = (OTPCFG[0] >> bit_offset) & 0x1;
1034 			} else {
1035 				scu_offset = 0x510;
1036 				bit_offset = scu_info[i].bit_offset + j - 32;
1037 				reg_p = (OTPCFG[1] >> bit_offset) & 0x1;
1038 			}
1039 			printf("0x%-6X", scu_offset);
1040 			printf("0x%-4X", bit_offset);
1041 			printf("0x%-13X", reg_p);
1042 			if (length == 1) {
1043 				printf(" %s\n", scu_info[i].information);
1044 				continue;
1045 			}
1046 
1047 			if (j == 0)
1048 				printf("/%s\n", scu_info[i].information);
1049 			else if (j == length - 1)
1050 				printf("\\ \"\n");
1051 			else
1052 				printf("| \"\n");
1053 		}
1054 	}
1055 }
1056 
1057 static int otp_print_conf_image(struct otp_image_layout *image_layout)
1058 {
1059 	const struct otpconf_info *conf_info = info_cb.conf_info;
1060 	u32 *OTPCFG = (u32 *)image_layout->conf;
1061 	u32 *OTPCFG_IGNORE = (u32 *)image_layout->conf_ignore;
1062 	u32 mask;
1063 	u32 dw_offset;
1064 	u32 bit_offset;
1065 	u32 otp_value;
1066 	u32 otp_ignore;
1067 	int fail = 0;
1068 	int mask_err;
1069 	int rid_num = 0;
1070 	char valid_bit[20];
1071 	int fz;
1072 	int i;
1073 	int j;
1074 
1075 	printf("DW    BIT        Value       Description\n");
1076 	printf("__________________________________________________________________________\n");
1077 	for (i = 0; i < info_cb.conf_info_len; i++) {
1078 		mask_err = 0;
1079 		dw_offset = conf_info[i].dw_offset;
1080 		bit_offset = conf_info[i].bit_offset;
1081 		mask = BIT(conf_info[i].length) - 1;
1082 		otp_value = (OTPCFG[dw_offset] >> bit_offset) & mask;
1083 		otp_ignore = (OTPCFG_IGNORE[dw_offset] >> bit_offset) & mask;
1084 
1085 		if (conf_info[i].value == OTP_REG_VALID_BIT) {
1086 			if (((otp_value + otp_ignore) & mask) != mask) {
1087 				fail = 1;
1088 				mask_err = 1;
1089 			}
1090 		} else {
1091 			if (otp_ignore == mask) {
1092 				continue;
1093 			} else if (otp_ignore != 0) {
1094 				fail = 1;
1095 				mask_err = 1;
1096 			}
1097 		}
1098 
1099 		if (otp_value != conf_info[i].value &&
1100 		    conf_info[i].value != OTP_REG_RESERVED &&
1101 		    conf_info[i].value != OTP_REG_VALUE &&
1102 		    conf_info[i].value != OTP_REG_VALID_BIT)
1103 			continue;
1104 		printf("0x%-4X", dw_offset);
1105 
1106 		if (conf_info[i].length == 1) {
1107 			printf("0x%-9X", conf_info[i].bit_offset);
1108 		} else {
1109 			printf("0x%-2X:0x%-4X",
1110 			       conf_info[i].bit_offset + conf_info[i].length - 1,
1111 			       conf_info[i].bit_offset);
1112 		}
1113 		printf("0x%-10x", otp_value);
1114 
1115 		if (mask_err) {
1116 			printf("Ignore, mask error\n");
1117 			continue;
1118 		}
1119 		if (conf_info[i].value == OTP_REG_RESERVED) {
1120 			printf("Reserved\n");
1121 		} else if (conf_info[i].value == OTP_REG_VALUE) {
1122 			printf(conf_info[i].information, otp_value);
1123 			printf("\n");
1124 		} else if (conf_info[i].value == OTP_REG_VALID_BIT) {
1125 			if (otp_value != 0) {
1126 				for (j = 0; j < 7; j++) {
1127 					if (otp_value & (1 << j))
1128 						valid_bit[j * 2] = '1';
1129 					else
1130 						valid_bit[j * 2] = '0';
1131 					valid_bit[j * 2 + 1] = ' ';
1132 				}
1133 				valid_bit[15] = 0;
1134 			} else {
1135 				strcpy(valid_bit, "0 0 0 0 0 0 0 0\0");
1136 			}
1137 			printf(conf_info[i].information, valid_bit);
1138 			printf("\n");
1139 		} else {
1140 			printf("%s\n", conf_info[i].information);
1141 		}
1142 	}
1143 
1144 	if (OTPCFG[0xa] != 0 || OTPCFG[0xb] != 0) {
1145 		if (OTPCFG_IGNORE[0xa] != 0 && OTPCFG_IGNORE[0xb] != 0) {
1146 			printf("OTP revision ID is invalid.\n");
1147 			fail = 1;
1148 		} else {
1149 			fz = 0;
1150 			for (i = 0; i < 64; i++) {
1151 				if (get_dw_bit(&OTPCFG[0xa], i) == 0) {
1152 					if (!fz)
1153 						fz = 1;
1154 				} else {
1155 					rid_num++;
1156 					if (fz) {
1157 						printf("OTP revision ID is invalid.\n");
1158 						fail = 1;
1159 						break;
1160 					}
1161 				}
1162 			}
1163 		}
1164 		if (fail)
1165 			printf("OTP revision ID\n");
1166 		else
1167 			printf("OTP revision ID: 0x%x\n", rid_num);
1168 		otp_print_revid(&OTPCFG[0xa]);
1169 	}
1170 
1171 	if (fail)
1172 		return OTP_FAILURE;
1173 
1174 	return OTP_SUCCESS;
1175 }
1176 
1177 static int otp_print_conf_info(int input_offset)
1178 {
1179 	const struct otpconf_info *conf_info = info_cb.conf_info;
1180 	u32 OTPCFG[16];
1181 	u32 mask;
1182 	u32 dw_offset;
1183 	u32 bit_offset;
1184 	u32 otp_value;
1185 	char valid_bit[20];
1186 	int i;
1187 	int j;
1188 
1189 	otp_soak(0);
1190 	for (i = 0; i < 16; i++)
1191 		otp_read_conf(i, &OTPCFG[i]);
1192 
1193 	printf("DW    BIT        Value       Description\n");
1194 	printf("__________________________________________________________________________\n");
1195 	for (i = 0; i < info_cb.conf_info_len; i++) {
1196 		if (input_offset != -1 && input_offset != conf_info[i].dw_offset)
1197 			continue;
1198 		dw_offset = conf_info[i].dw_offset;
1199 		bit_offset = conf_info[i].bit_offset;
1200 		mask = BIT(conf_info[i].length) - 1;
1201 		otp_value = (OTPCFG[dw_offset] >> bit_offset) & mask;
1202 
1203 		if (otp_value != conf_info[i].value &&
1204 		    conf_info[i].value != OTP_REG_RESERVED &&
1205 		    conf_info[i].value != OTP_REG_VALUE &&
1206 		    conf_info[i].value != OTP_REG_VALID_BIT)
1207 			continue;
1208 		printf("0x%-4X", dw_offset);
1209 
1210 		if (conf_info[i].length == 1) {
1211 			printf("0x%-9X", conf_info[i].bit_offset);
1212 		} else {
1213 			printf("0x%-2X:0x%-4X",
1214 			       conf_info[i].bit_offset + conf_info[i].length - 1,
1215 			       conf_info[i].bit_offset);
1216 		}
1217 		printf("0x%-10x", otp_value);
1218 
1219 		if (conf_info[i].value == OTP_REG_RESERVED) {
1220 			printf("Reserved\n");
1221 		} else if (conf_info[i].value == OTP_REG_VALUE) {
1222 			printf(conf_info[i].information, otp_value);
1223 			printf("\n");
1224 		} else if (conf_info[i].value == OTP_REG_VALID_BIT) {
1225 			if (otp_value != 0) {
1226 				for (j = 0; j < 7; j++) {
1227 					if (otp_value & (1 << j))
1228 						valid_bit[j * 2] = '1';
1229 					else
1230 						valid_bit[j * 2] = '0';
1231 					valid_bit[j * 2 + 1] = ' ';
1232 				}
1233 				valid_bit[15] = 0;
1234 			} else {
1235 				strcpy(valid_bit, "0 0 0 0 0 0 0 0\0");
1236 			}
1237 			printf(conf_info[i].information, valid_bit);
1238 			printf("\n");
1239 		} else {
1240 			printf("%s\n", conf_info[i].information);
1241 		}
1242 	}
1243 	return OTP_SUCCESS;
1244 }
1245 
1246 static int otp_print_strap_image(struct otp_image_layout *image_layout)
1247 {
1248 	const struct otpstrap_info *strap_info = info_cb.strap_info;
1249 	u32 *OTPSTRAP;
1250 	u32 *OTPSTRAP_PRO;
1251 	u32 *OTPSTRAP_IGNORE;
1252 	int i;
1253 	int fail = 0;
1254 	u32 bit_offset;
1255 	u32 dw_offset;
1256 	u32 mask;
1257 	u32 otp_value;
1258 	u32 otp_protect;
1259 	u32 otp_ignore;
1260 
1261 	OTPSTRAP = (u32 *)image_layout->strap;
1262 	OTPSTRAP_PRO = (u32 *)image_layout->strap_pro;
1263 	OTPSTRAP_IGNORE = (u32 *)image_layout->strap_ignore;
1264 
1265 	printf("BIT(hex)   Value       Protect     Description\n");
1266 	printf("__________________________________________________________________________________________\n");
1267 
1268 	for (i = 0; i < info_cb.strap_info_len; i++) {
1269 		fail = 0;
1270 		if (strap_info[i].bit_offset > 31) {
1271 			dw_offset = 1;
1272 			bit_offset = strap_info[i].bit_offset - 32;
1273 		} else {
1274 			dw_offset = 0;
1275 			bit_offset = strap_info[i].bit_offset;
1276 		}
1277 
1278 		mask = BIT(strap_info[i].length) - 1;
1279 		otp_value = (OTPSTRAP[dw_offset] >> bit_offset) & mask;
1280 		otp_protect = (OTPSTRAP_PRO[dw_offset] >> bit_offset) & mask;
1281 		otp_ignore = (OTPSTRAP_IGNORE[dw_offset] >> bit_offset) & mask;
1282 
1283 		if (otp_ignore == mask)
1284 			continue;
1285 		else if (otp_ignore != 0)
1286 			fail = 1;
1287 
1288 		if (otp_value != strap_info[i].value &&
1289 		    strap_info[i].value != OTP_REG_RESERVED)
1290 			continue;
1291 
1292 		if (strap_info[i].length == 1) {
1293 			printf("0x%-9X", strap_info[i].bit_offset);
1294 		} else {
1295 			printf("0x%-2X:0x%-4X",
1296 			       strap_info[i].bit_offset + strap_info[i].length - 1,
1297 			       strap_info[i].bit_offset);
1298 		}
1299 		printf("0x%-10x", otp_value);
1300 		printf("0x%-10x", otp_protect);
1301 
1302 		if (fail) {
1303 			printf("Ignore mask error\n");
1304 		} else {
1305 			if (strap_info[i].value != OTP_REG_RESERVED)
1306 				printf("%s\n", strap_info[i].information);
1307 			else
1308 				printf("Reserved\n");
1309 		}
1310 	}
1311 
1312 	if (fail)
1313 		return OTP_FAILURE;
1314 
1315 	return OTP_SUCCESS;
1316 }
1317 
1318 static int otp_print_strap_info(int view)
1319 {
1320 	const struct otpstrap_info *strap_info = info_cb.strap_info;
1321 	struct otpstrap_status strap_status[64];
1322 	int i, j;
1323 	int fail = 0;
1324 	u32 bit_offset;
1325 	u32 length;
1326 	u32 otp_value;
1327 	u32 otp_protect;
1328 
1329 	otp_strap_status(strap_status);
1330 
1331 	if (view) {
1332 		printf("BIT(hex) Value  Remains  Protect   Description\n");
1333 		printf("___________________________________________________________________________________________________\n");
1334 	} else {
1335 		printf("BIT(hex)   Value       Description\n");
1336 		printf("________________________________________________________________________________\n");
1337 	}
1338 	for (i = 0; i < info_cb.strap_info_len; i++) {
1339 		otp_value = 0;
1340 		bit_offset = strap_info[i].bit_offset;
1341 		length = strap_info[i].length;
1342 		for (j = 0; j < length; j++) {
1343 			otp_value |= strap_status[bit_offset + j].value << j;
1344 			otp_protect |= strap_status[bit_offset + j].protected << j;
1345 		}
1346 		if (otp_value != strap_info[i].value &&
1347 		    strap_info[i].value != OTP_REG_RESERVED)
1348 			continue;
1349 		if (view) {
1350 			for (j = 0; j < length; j++) {
1351 				printf("0x%-7X", strap_info[i].bit_offset + j);
1352 				printf("0x%-5X", strap_status[bit_offset + j].value);
1353 				printf("%-9d", strap_status[bit_offset + j].remain_times);
1354 				printf("0x%-7X", strap_status[bit_offset + j].protected);
1355 				if (strap_info[i].value == OTP_REG_RESERVED) {
1356 					printf(" Reserved\n");
1357 					continue;
1358 				}
1359 				if (length == 1) {
1360 					printf(" %s\n", strap_info[i].information);
1361 					continue;
1362 				}
1363 
1364 				if (j == 0)
1365 					printf("/%s\n", strap_info[i].information);
1366 				else if (j == length - 1)
1367 					printf("\\ \"\n");
1368 				else
1369 					printf("| \"\n");
1370 			}
1371 		} else {
1372 			if (length == 1) {
1373 				printf("0x%-9X", strap_info[i].bit_offset);
1374 			} else {
1375 				printf("0x%-2X:0x%-4X",
1376 				       bit_offset + length - 1, bit_offset);
1377 			}
1378 
1379 			printf("0x%-10X", otp_value);
1380 
1381 			if (strap_info[i].value != OTP_REG_RESERVED)
1382 				printf("%s\n", strap_info[i].information);
1383 			else
1384 				printf("Reserved\n");
1385 		}
1386 	}
1387 
1388 	if (fail)
1389 		return OTP_FAILURE;
1390 
1391 	return OTP_SUCCESS;
1392 }
1393 
1394 static void _otp_print_key(u32 header, u32 offset, u8 *data)
1395 {
1396 	const struct otpkey_type *key_info_array = info_cb.key_info;
1397 	struct otpkey_type key_info;
1398 	int key_id, key_offset, key_type, key_length, exp_length;
1399 	int len = 0;
1400 	int i;
1401 
1402 	key_id = header & 0x7;
1403 	key_offset = header & 0x1ff8;
1404 	key_type = (header >> 14) & 0xf;
1405 	key_length = (header >> 18) & 0x3;
1406 	exp_length = (header >> 20) & 0xfff;
1407 
1408 	printf("\nKey[%d]:\n", offset);
1409 	printf("Header: %x\n", header);
1410 
1411 	key_info.value = -1;
1412 	for (i = 0; i < info_cb.key_info_len; i++) {
1413 		if (key_type == key_info_array[i].value) {
1414 			key_info = key_info_array[i];
1415 			break;
1416 		}
1417 	}
1418 	if (key_info.value == -1)
1419 		return;
1420 
1421 	printf("Key Type: ");
1422 	printf("%s\n", key_info.information);
1423 
1424 	if (key_info.key_type == OTP_KEY_TYPE_HMAC) {
1425 		printf("HMAC SHA Type: ");
1426 		switch (key_length) {
1427 		case 0:
1428 			printf("HMAC(SHA224)\n");
1429 			break;
1430 		case 1:
1431 			printf("HMAC(SHA256)\n");
1432 			break;
1433 		case 2:
1434 			printf("HMAC(SHA384)\n");
1435 			break;
1436 		case 3:
1437 			printf("HMAC(SHA512)\n");
1438 			break;
1439 		}
1440 	} else if (key_info.key_type == OTP_KEY_TYPE_RSA_PRIV ||
1441 		   key_info.key_type == OTP_KEY_TYPE_RSA_PUB) {
1442 		printf("RSA SHA Type: ");
1443 		switch (key_length) {
1444 		case 0:
1445 			printf("RSA1024\n");
1446 			len = 0x100;
1447 			break;
1448 		case 1:
1449 			printf("RSA2048\n");
1450 			len = 0x200;
1451 			break;
1452 		case 2:
1453 			printf("RSA3072\n");
1454 			len = 0x300;
1455 			break;
1456 		case 3:
1457 			printf("RSA4096\n");
1458 			len = 0x400;
1459 			break;
1460 		}
1461 		printf("RSA exponent bit length: %d\n", exp_length);
1462 	}
1463 	if (key_info.need_id)
1464 		printf("Key Number ID: %d\n", key_id);
1465 	if (!data)
1466 		return;
1467 	printf("Key Value:\n");
1468 	if (key_info.key_type == OTP_KEY_TYPE_HMAC) {
1469 		buf_print(&data[key_offset], 0x40);
1470 	} else if (key_info.key_type == OTP_KEY_TYPE_AES) {
1471 		printf("AES Key:\n");
1472 		buf_print(&data[key_offset], 0x20);
1473 		if (info_cb.version == OTP_A0) {
1474 			printf("AES IV:\n");
1475 			buf_print(&data[key_offset + 0x20], 0x10);
1476 		}
1477 
1478 	} else if (key_info.key_type == OTP_KEY_TYPE_VAULT) {
1479 		if (info_cb.version == OTP_A0) {
1480 			printf("AES Key:\n");
1481 			buf_print(&data[key_offset], 0x20);
1482 			printf("AES IV:\n");
1483 			buf_print(&data[key_offset + 0x20], 0x10);
1484 		} else {
1485 			printf("AES Key 1:\n");
1486 			buf_print(&data[key_offset], 0x20);
1487 			printf("AES Key 2:\n");
1488 			buf_print(&data[key_offset + 0x20], 0x20);
1489 		}
1490 	} else if (key_info.key_type == OTP_KEY_TYPE_RSA_PRIV) {
1491 		printf("RSA mod:\n");
1492 		buf_print(&data[key_offset], len / 2);
1493 		printf("RSA exp:\n");
1494 		buf_print(&data[key_offset + (len / 2)], len / 2);
1495 	} else if (key_info.key_type == OTP_KEY_TYPE_RSA_PUB) {
1496 		printf("RSA mod:\n");
1497 		buf_print(&data[key_offset], len / 2);
1498 		printf("RSA exp:\n");
1499 		buf_print((u8 *)"\x01\x00\x01", 3);
1500 	}
1501 }
1502 
1503 static void otp_print_key(u32 *data)
1504 {
1505 	int i;
1506 	int last;
1507 	u8 *byte_buf;
1508 	int empty;
1509 
1510 	byte_buf = (u8 *)data;
1511 
1512 	empty = 1;
1513 	for (i = 0; i < 16; i++) {
1514 		if (i % 2) {
1515 			if (data[i] != 0xffffffff)
1516 				empty = 0;
1517 		} else {
1518 			if (data[i] != 0)
1519 				empty = 0;
1520 		}
1521 	}
1522 	if (empty) {
1523 		printf("OTP data header is empty\n");
1524 		return;
1525 	}
1526 
1527 	for (i = 0; i < 16; i++) {
1528 		last = (data[i] >> 13) & 1;
1529 		_otp_print_key(data[i], i, byte_buf);
1530 		if (last)
1531 			break;
1532 	}
1533 }
1534 
1535 static int otp_print_data_image(struct otp_image_layout *image_layout)
1536 {
1537 	u32 *buf;
1538 
1539 	buf = (u32 *)image_layout->data;
1540 	otp_print_key(buf);
1541 
1542 	return OTP_SUCCESS;
1543 }
1544 
1545 static void otp_print_key_info(void)
1546 {
1547 	u32 data[2048];
1548 	int i;
1549 
1550 	for (i = 0; i < 2048 ; i += 2)
1551 		otp_read_data(i, &data[i]);
1552 
1553 	otp_print_key(data);
1554 }
1555 
1556 static int otp_prog_data(struct otp_image_layout *image_layout, u32 *data)
1557 {
1558 	int i;
1559 	int ret;
1560 	u32 *buf;
1561 	u32 *buf_ignore;
1562 
1563 	buf = (u32 *)image_layout->data;
1564 	buf_ignore = (u32 *)image_layout->data_ignore;
1565 	printf("Start Programing...\n");
1566 
1567 	// programing ecc region first
1568 	for (i = 1792; i < 2046; i += 2) {
1569 		ret = otp_prog_verify_2dw(&data[i], &buf[i], &buf_ignore[i], i);
1570 		if (ret != OTP_SUCCESS) {
1571 			printf("address: %08x, data: %08x %08x, buffer: %08x %08x, mask: %08x %08x\n",
1572 			       i, data[i], data[i + 1], buf[i], buf[i + 1], buf_ignore[i], buf_ignore[i + 1]);
1573 			return ret;
1574 		}
1575 	}
1576 
1577 	for (i = 0; i < 1792; i += 2) {
1578 		ret = otp_prog_verify_2dw(&data[i], &buf[i], &buf_ignore[i], i);
1579 		if (ret != OTP_SUCCESS) {
1580 			printf("address: %08x, data: %08x %08x, buffer: %08x %08x, mask: %08x %08x\n",
1581 			       i, data[i], data[i + 1], buf[i], buf[i + 1], buf_ignore[i], buf_ignore[i + 1]);
1582 			return ret;
1583 		}
1584 	}
1585 	otp_soak(0);
1586 	return OTP_SUCCESS;
1587 }
1588 
1589 static int otp_prog_strap(struct otp_image_layout *image_layout, struct otpstrap_status *otpstrap)
1590 {
1591 	u32 *strap;
1592 	u32 *strap_ignore;
1593 	u32 *strap_pro;
1594 	u32 prog_address;
1595 	int i;
1596 	int bit, pbit, ibit, offset;
1597 	int fail = 0;
1598 	int ret;
1599 	int prog_flag = 0;
1600 
1601 	strap = (u32 *)image_layout->strap;
1602 	strap_pro = (u32 *)image_layout->strap_pro;
1603 	strap_ignore = (u32 *)image_layout->strap_ignore;
1604 
1605 	for (i = 0; i < 64; i++) {
1606 		prog_address = 0x800;
1607 		if (i < 32) {
1608 			offset = i;
1609 			bit = (strap[0] >> offset) & 0x1;
1610 			ibit = (strap_ignore[0] >> offset) & 0x1;
1611 			pbit = (strap_pro[0] >> offset) & 0x1;
1612 			prog_address |= ((otpstrap[i].writeable_option * 2 + 16) / 8) * 0x200;
1613 			prog_address |= ((otpstrap[i].writeable_option * 2 + 16) % 8) * 0x2;
1614 
1615 		} else {
1616 			offset = (i - 32);
1617 			bit = (strap[1] >> offset) & 0x1;
1618 			ibit = (strap_ignore[1] >> offset) & 0x1;
1619 			pbit = (strap_pro[1] >> offset) & 0x1;
1620 			prog_address |= ((otpstrap[i].writeable_option * 2 + 17) / 8) * 0x200;
1621 			prog_address |= ((otpstrap[i].writeable_option * 2 + 17) % 8) * 0x2;
1622 		}
1623 
1624 		if (ibit == 1)
1625 			continue;
1626 		if (bit == otpstrap[i].value)
1627 			prog_flag = 0;
1628 		else
1629 			prog_flag = 1;
1630 
1631 		if (otpstrap[i].protected == 1 && prog_flag) {
1632 			fail = 1;
1633 			continue;
1634 		}
1635 		if (otpstrap[i].remain_times == 0 && prog_flag) {
1636 			fail = 1;
1637 			continue;
1638 		}
1639 
1640 		if (prog_flag) {
1641 			ret = otp_prog_dc_b(1, prog_address, offset);
1642 			if (ret)
1643 				return OTP_FAILURE;
1644 		}
1645 
1646 		if (pbit != 0) {
1647 			prog_address = 0x800;
1648 			if (i < 32)
1649 				prog_address |= 0x60c;
1650 			else
1651 				prog_address |= 0x60e;
1652 
1653 			ret = otp_prog_dc_b(1, prog_address, offset);
1654 			if (ret)
1655 				return OTP_FAILURE;
1656 		}
1657 	}
1658 	otp_soak(0);
1659 	if (fail == 1)
1660 		return OTP_FAILURE;
1661 	return OTP_SUCCESS;
1662 }
1663 
1664 static int otp_prog_conf(struct otp_image_layout *image_layout, u32 *otp_conf)
1665 {
1666 	int i, k;
1667 	int pass = 0;
1668 	u32 prog_address;
1669 	u32 compare[2];
1670 	u32 *conf = (u32 *)image_layout->conf;
1671 	u32 *conf_ignore = (u32 *)image_layout->conf_ignore;
1672 	u32 data_masked;
1673 	u32 buf_masked;
1674 	int ret;
1675 
1676 	printf("Start Programing...\n");
1677 	otp_soak(0);
1678 	for (i = 0; i < 16; i++) {
1679 		data_masked = otp_conf[i]  & ~conf_ignore[i];
1680 		buf_masked  = conf[i] & ~conf_ignore[i];
1681 		prog_address = 0x800;
1682 		prog_address |= (i / 8) * 0x200;
1683 		prog_address |= (i % 8) * 0x2;
1684 		if (data_masked == buf_masked) {
1685 			pass = 1;
1686 			continue;
1687 		}
1688 
1689 		otp_soak(1);
1690 		ret = otp_prog_dw(conf[i], conf_ignore[i], prog_address);
1691 		if (ret)
1692 			return OTP_FAILURE;
1693 
1694 		pass = 0;
1695 		for (k = 0; k < RETRY; k++) {
1696 			if (verify_dw(prog_address, &conf[i], &conf_ignore[i], compare, 1) != 0) {
1697 				otp_soak(2);
1698 				ret = otp_prog_dw(compare[0], conf_ignore[i], prog_address);
1699 				if (ret)
1700 					return OTP_FAILURE;
1701 				if (verify_dw(prog_address, &conf[i], &conf_ignore[i], compare, 1) != 0) {
1702 					otp_soak(1);
1703 				} else {
1704 					pass = 1;
1705 					break;
1706 				}
1707 			} else {
1708 				pass = 1;
1709 				break;
1710 			}
1711 		}
1712 		if (pass == 0) {
1713 			printf("address: %08x, otp_conf: %08x, input_conf: %08x, mask: %08x\n",
1714 			       i, otp_conf[i], conf[i], conf_ignore[i]);
1715 			break;
1716 		}
1717 	}
1718 
1719 	otp_soak(0);
1720 	if (!pass)
1721 		return OTP_FAILURE;
1722 
1723 	return OTP_SUCCESS;
1724 }
1725 
1726 static int otp_prog_scu_protect(struct otp_image_layout *image_layout, u32 *scu_pro)
1727 {
1728 	int i, k;
1729 	int pass = 0;
1730 	u32 prog_address;
1731 	u32 compare[2];
1732 	u32 *OTPSCU = (u32 *)image_layout->scu_pro;
1733 	u32 *OTPSCU_IGNORE = (u32 *)image_layout->scu_pro_ignore;
1734 	u32 data_masked;
1735 	u32 buf_masked;
1736 	int ret;
1737 
1738 	printf("Start Programing...\n");
1739 	otp_soak(0);
1740 	for (i = 0; i < 2; i++) {
1741 		data_masked = scu_pro[i]  & ~OTPSCU_IGNORE[i];
1742 		buf_masked  = OTPSCU[i] & ~OTPSCU_IGNORE[i];
1743 		prog_address = 0xe08 + i * 2;
1744 		if (data_masked == buf_masked) {
1745 			pass = 1;
1746 			continue;
1747 		}
1748 
1749 		otp_soak(1);
1750 		ret = otp_prog_dw(OTPSCU[i], OTPSCU_IGNORE[i], prog_address);
1751 		if (ret)
1752 			return OTP_FAILURE;
1753 		pass = 0;
1754 		for (k = 0; k < RETRY; k++) {
1755 			if (verify_dw(prog_address, &OTPSCU[i], &OTPSCU_IGNORE[i], compare, 1) != 0) {
1756 				otp_soak(2);
1757 				ret = otp_prog_dw(compare[0], OTPSCU_IGNORE[i], prog_address);
1758 				if (ret)
1759 					return OTP_FAILURE;
1760 				if (verify_dw(prog_address, &OTPSCU[i], &OTPSCU_IGNORE[i], compare, 1) != 0) {
1761 					otp_soak(1);
1762 				} else {
1763 					pass = 1;
1764 					break;
1765 				}
1766 			} else {
1767 				pass = 1;
1768 				break;
1769 			}
1770 		}
1771 		if (pass == 0) {
1772 			printf("OTPCFG0x%x: 0x%08x, input: 0x%08x, mask: 0x%08x\n",
1773 			       i + 28, scu_pro[i], OTPSCU[i], OTPSCU_IGNORE[i]);
1774 			break;
1775 		}
1776 	}
1777 
1778 	otp_soak(0);
1779 	if (!pass)
1780 		return OTP_FAILURE;
1781 
1782 	return OTP_SUCCESS;
1783 }
1784 
1785 static int otp_check_data_image(struct otp_image_layout *image_layout, u32 *data)
1786 {
1787 	int data_dw;
1788 	u32 data_masked;
1789 	u32 buf_masked;
1790 	u32 *buf = (u32 *)image_layout->data;
1791 	u32 *buf_ignore = (u32 *)image_layout->data_ignore;
1792 	int i;
1793 
1794 	data_dw = image_layout->data_length / 4;
1795 	// ignore last two dw, the last two dw is used for slt otp write check.
1796 	for (i = 0; i < data_dw - 2; i++) {
1797 		data_masked = data[i]  & ~buf_ignore[i];
1798 		buf_masked  = buf[i] & ~buf_ignore[i];
1799 		if (data_masked == buf_masked)
1800 			continue;
1801 		if (i % 2 == 0) {
1802 			if ((data_masked | buf_masked) == buf_masked) {
1803 				continue;
1804 			} else {
1805 				printf("Input image can't program into OTP, please check.\n");
1806 				printf("OTP_ADDR[0x%x] = 0x%x\n", i, data[i]);
1807 				printf("Input   [0x%x] = 0x%x\n", i, buf[i]);
1808 				printf("Mask    [0x%x] = 0x%x\n", i, ~buf_ignore[i]);
1809 				return OTP_FAILURE;
1810 			}
1811 		} else {
1812 			if ((data_masked & buf_masked) == buf_masked) {
1813 				continue;
1814 			} else {
1815 				printf("Input image can't program into OTP, please check.\n");
1816 				printf("OTP_ADDR[0x%x] = 0x%x\n", i, data[i]);
1817 				printf("Input   [0x%x] = 0x%x\n", i, buf[i]);
1818 				printf("Mask    [0x%x] = 0x%x\n", i, ~buf_ignore[i]);
1819 				return OTP_FAILURE;
1820 			}
1821 		}
1822 	}
1823 	return OTP_SUCCESS;
1824 }
1825 
1826 static int otp_check_strap_image(struct otp_image_layout *image_layout, struct otpstrap_status *otpstrap)
1827 {
1828 	int i;
1829 	u32 *strap;
1830 	u32 *strap_ignore;
1831 	u32 *strap_pro;
1832 	int bit, pbit, ibit;
1833 	int fail = 0;
1834 	int ret;
1835 
1836 	strap = (u32 *)image_layout->strap;
1837 	strap_pro = (u32 *)image_layout->strap_pro;
1838 	strap_ignore = (u32 *)image_layout->strap_ignore;
1839 
1840 	for (i = 0; i < 64; i++) {
1841 		if (i < 32) {
1842 			bit = (strap[0] >> i) & 0x1;
1843 			ibit = (strap_ignore[0] >> i) & 0x1;
1844 			pbit = (strap_pro[0] >> i) & 0x1;
1845 		} else {
1846 			bit = (strap[1] >> (i - 32)) & 0x1;
1847 			ibit = (strap_ignore[1] >> (i - 32)) & 0x1;
1848 			pbit = (strap_pro[1] >> (i - 32)) & 0x1;
1849 		}
1850 
1851 		ret = otp_strap_bit_confirm(&otpstrap[i], i, ibit, bit, pbit);
1852 
1853 		if (ret == OTP_FAILURE)
1854 			fail = 1;
1855 	}
1856 	if (fail == 1) {
1857 		printf("Input image can't program into OTP, please check.\n");
1858 		return OTP_FAILURE;
1859 	}
1860 	return OTP_SUCCESS;
1861 }
1862 
1863 static int otp_check_conf_image(struct otp_image_layout *image_layout, u32 *otp_conf)
1864 {
1865 	u32 *conf = (u32 *)image_layout->conf;
1866 	u32 *conf_ignore = (u32 *)image_layout->conf_ignore;
1867 	u32 data_masked;
1868 	u32 buf_masked;
1869 	int i;
1870 
1871 	for (i = 0; i < 16; i++) {
1872 		data_masked = otp_conf[i]  & ~conf_ignore[i];
1873 		buf_masked  = conf[i] & ~conf_ignore[i];
1874 		if (data_masked == buf_masked)
1875 			continue;
1876 		if ((data_masked | buf_masked) == buf_masked) {
1877 			continue;
1878 		} else {
1879 			printf("Input image can't program into OTP, please check.\n");
1880 			printf("OTPCFG[%X] = %x\n", i, otp_conf[i]);
1881 			printf("Input [%X] = %x\n", i, conf[i]);
1882 			printf("Mask  [%X] = %x\n", i, ~conf_ignore[i]);
1883 			return OTP_FAILURE;
1884 		}
1885 	}
1886 	return OTP_SUCCESS;
1887 }
1888 
1889 static int otp_check_scu_image(struct otp_image_layout *image_layout, u32 *scu_pro)
1890 {
1891 	u32 *OTPSCU = (u32 *)image_layout->scu_pro;
1892 	u32 *OTPSCU_IGNORE = (u32 *)image_layout->scu_pro_ignore;
1893 	u32 data_masked;
1894 	u32 buf_masked;
1895 	int i;
1896 
1897 	for (i = 0; i < 2; i++) {
1898 		data_masked = scu_pro[i]  & ~OTPSCU_IGNORE[i];
1899 		buf_masked  = OTPSCU[i] & ~OTPSCU_IGNORE[i];
1900 		if (data_masked == buf_masked)
1901 			continue;
1902 		if ((data_masked | buf_masked) == buf_masked) {
1903 			continue;
1904 		} else {
1905 			printf("Input image can't program into OTP, please check.\n");
1906 			printf("OTPCFG[0x%X] = 0x%X\n", 28 + i, scu_pro[i]);
1907 			printf("Input [0x%X] = 0x%X\n", 28 + i, OTPSCU[i]);
1908 			printf("Mask  [0x%X] = 0x%X\n", 28 + i, ~OTPSCU_IGNORE[i]);
1909 			return OTP_FAILURE;
1910 		}
1911 	}
1912 	return OTP_SUCCESS;
1913 }
1914 
1915 static int otp_verify_image(u8 *src_buf, u32 length, u8 *digest_buf, int version)
1916 {
1917 	u8 digest_ret[48];
1918 	int digest_len;
1919 
1920 	switch (version) {
1921 	case 1:
1922 		sb_sha256(src_buf, length, digest_ret);
1923 		digest_len = 32;
1924 		break;
1925 	case 2:
1926 		sb_sha384(src_buf, length, digest_ret);
1927 		digest_len = 48;
1928 		break;
1929 	default:
1930 		return OTP_FAILURE;
1931 	}
1932 
1933 	if (!memcmp(digest_buf, digest_ret, digest_len))
1934 		return OTP_SUCCESS;
1935 	return OTP_FAILURE;
1936 }
1937 
1938 static int otp_prog_image(int addr, int nconfirm)
1939 {
1940 	int ret;
1941 	int image_soc_ver = 0;
1942 	struct otp_header *otp_header;
1943 	struct otp_image_layout image_layout;
1944 	int image_size;
1945 	u8 *buf;
1946 	u8 *checksum;
1947 	int i;
1948 	u32 data[2048];
1949 	u32 conf[16];
1950 	u32 scu_pro[2];
1951 	struct otpstrap_status otpstrap[64];
1952 
1953 	otp_header = map_physmem(addr, sizeof(struct otp_header), MAP_WRBACK);
1954 	if (!otp_header) {
1955 		printf("Failed to map physical memory\n");
1956 		return OTP_FAILURE;
1957 	}
1958 
1959 	image_size = OTP_IMAGE_SIZE(otp_header->image_info);
1960 	unmap_physmem(otp_header, MAP_WRBACK);
1961 
1962 	buf = map_physmem(addr, image_size + CHECKSUM_LEN, MAP_WRBACK);
1963 
1964 	if (!buf) {
1965 		printf("Failed to map physical memory\n");
1966 		return OTP_FAILURE;
1967 	}
1968 	otp_header = (struct otp_header *)buf;
1969 	checksum = buf + otp_header->checksum_offset;
1970 
1971 	if (strcmp(OTP_MAGIC, (char *)otp_header->otp_magic) != 0) {
1972 		printf("Image is invalid\n");
1973 		return OTP_FAILURE;
1974 	}
1975 
1976 	image_layout.data_length = (int)(OTP_REGION_SIZE(otp_header->data_info) / 2);
1977 	image_layout.data = buf + OTP_REGION_OFFSET(otp_header->data_info);
1978 	image_layout.data_ignore = image_layout.data + image_layout.data_length;
1979 
1980 	image_layout.conf_length = (int)(OTP_REGION_SIZE(otp_header->config_info) / 2);
1981 	image_layout.conf = buf + OTP_REGION_OFFSET(otp_header->config_info);
1982 	image_layout.conf_ignore = image_layout.conf + image_layout.conf_length;
1983 
1984 	image_layout.strap = buf + OTP_REGION_OFFSET(otp_header->strap_info);
1985 	image_layout.strap_length = (int)(OTP_REGION_SIZE(otp_header->strap_info) / 3);
1986 	image_layout.strap_pro = image_layout.strap + image_layout.strap_length;
1987 	image_layout.strap_ignore = image_layout.strap + 2 * image_layout.strap_length;
1988 
1989 	image_layout.scu_pro = buf + OTP_REGION_OFFSET(otp_header->scu_protect_info);
1990 	image_layout.scu_pro_length = (int)(OTP_REGION_SIZE(otp_header->scu_protect_info) / 2);
1991 	image_layout.scu_pro_ignore = image_layout.scu_pro + image_layout.scu_pro_length;
1992 
1993 	if (otp_header->soc_ver == SOC_AST2600A0) {
1994 		image_soc_ver = OTP_A0;
1995 	} else if (otp_header->soc_ver == SOC_AST2600A1) {
1996 		image_soc_ver = OTP_A1;
1997 	} else if (otp_header->soc_ver == SOC_AST2600A2) {
1998 		image_soc_ver = OTP_A2;
1999 	} else if (otp_header->soc_ver == SOC_AST2600A3) {
2000 		image_soc_ver = OTP_A3;
2001 	} else {
2002 		printf("Image SOC Version is not supported\n");
2003 		return OTP_FAILURE;
2004 	}
2005 
2006 	if (image_soc_ver != info_cb.version) {
2007 		printf("Image SOC version is not match to HW SOC version\n");
2008 		return OTP_FAILURE;
2009 	}
2010 
2011 	switch (OTPTOOL_VERSION_MAJOR(otp_header->otptool_ver)) {
2012 	case 1:
2013 		printf("WARNING: OTP image is not generated by otptool v2.x.x\n");
2014 		printf("Please use the latest version of otptool to generate OTP image\n");
2015 		ret = otp_verify_image(buf, image_size, checksum, 1);
2016 		break;
2017 	case 2:
2018 		ret = otp_verify_image(buf, image_size, checksum, 2);
2019 		break;
2020 	default:
2021 		printf("OTP image version is not supported\n");
2022 		return OTP_FAILURE;
2023 	}
2024 
2025 	if (ret) {
2026 		printf("checksum is invalid\n");
2027 		return OTP_FAILURE;
2028 	}
2029 
2030 	if (info_cb.pro_sts.mem_lock) {
2031 		printf("OTP memory is locked\n");
2032 		return OTP_FAILURE;
2033 	}
2034 	ret = 0;
2035 	if (otp_header->image_info & OTP_INC_DATA) {
2036 		if (info_cb.pro_sts.pro_data) {
2037 			printf("OTP data region is protected\n");
2038 			ret = -1;
2039 		}
2040 		if (info_cb.pro_sts.pro_sec) {
2041 			printf("OTP secure region is protected\n");
2042 			ret = -1;
2043 		}
2044 		printf("Read OTP Data Region:\n");
2045 		for (i = 0; i < 2048 ; i += 2)
2046 			otp_read_data(i, &data[i]);
2047 
2048 		printf("Check writable...\n");
2049 		if (otp_check_data_image(&image_layout, data) == OTP_FAILURE)
2050 			ret = -1;
2051 	}
2052 	if (otp_header->image_info & OTP_INC_CONFIG) {
2053 		if (info_cb.pro_sts.pro_conf) {
2054 			printf("OTP config region is protected\n");
2055 			ret = -1;
2056 		}
2057 		printf("Read OTP Config Region:\n");
2058 		for (i = 0; i < 16 ; i++)
2059 			otp_read_conf(i, &conf[i]);
2060 
2061 		printf("Check writable...\n");
2062 		if (otp_check_conf_image(&image_layout, conf) == OTP_FAILURE)
2063 			ret = -1;
2064 	}
2065 	if (otp_header->image_info & OTP_INC_STRAP) {
2066 		if (info_cb.pro_sts.pro_strap) {
2067 			printf("OTP strap region is protected\n");
2068 			ret = -1;
2069 		}
2070 		printf("Read OTP Strap Region:\n");
2071 		otp_strap_status(otpstrap);
2072 
2073 		printf("Check writable...\n");
2074 		if (otp_check_strap_image(&image_layout, otpstrap) == OTP_FAILURE)
2075 			ret = -1;
2076 	}
2077 	if (otp_header->image_info & OTP_INC_SCU_PRO) {
2078 		if (info_cb.pro_sts.pro_strap) {
2079 			printf("OTP strap region is protected\n");
2080 			ret = -1;
2081 		}
2082 		printf("Read SCU Protect Region:\n");
2083 		otp_read_conf(28, &scu_pro[0]);
2084 		otp_read_conf(29, &scu_pro[1]);
2085 
2086 		printf("Check writable...\n");
2087 		if (otp_check_scu_image(&image_layout, scu_pro) == OTP_FAILURE)
2088 			ret = -1;
2089 	}
2090 	if (ret == -1)
2091 		return OTP_FAILURE;
2092 
2093 	if (!nconfirm) {
2094 		if (otp_header->image_info & OTP_INC_DATA) {
2095 			printf("\nOTP data region :\n");
2096 			if (otp_print_data_image(&image_layout) < 0) {
2097 				printf("OTP data error, please check.\n");
2098 				return OTP_FAILURE;
2099 			}
2100 		}
2101 		if (otp_header->image_info & OTP_INC_CONFIG) {
2102 			printf("\nOTP configuration region :\n");
2103 			if (otp_print_conf_image(&image_layout) < 0) {
2104 				printf("OTP config error, please check.\n");
2105 				return OTP_FAILURE;
2106 			}
2107 		}
2108 		if (otp_header->image_info & OTP_INC_STRAP) {
2109 			printf("\nOTP strap region :\n");
2110 			if (otp_print_strap_image(&image_layout) < 0) {
2111 				printf("OTP strap error, please check.\n");
2112 				return OTP_FAILURE;
2113 			}
2114 		}
2115 		if (otp_header->image_info & OTP_INC_SCU_PRO) {
2116 			printf("\nOTP scu protect region :\n");
2117 			if (otp_print_scu_image(&image_layout) < 0) {
2118 				printf("OTP scu protect error, please check.\n");
2119 				return OTP_FAILURE;
2120 			}
2121 		}
2122 
2123 		printf("type \"YES\" (no quotes) to continue:\n");
2124 		if (!confirm_yesno()) {
2125 			printf(" Aborting\n");
2126 			return OTP_FAILURE;
2127 		}
2128 	}
2129 
2130 	if (otp_header->image_info & OTP_INC_DATA) {
2131 		printf("programing data region ...\n");
2132 		ret = otp_prog_data(&image_layout, data);
2133 		if (ret != 0) {
2134 			printf("Error\n");
2135 			return ret;
2136 		}
2137 		printf("Done\n");
2138 	}
2139 	if (otp_header->image_info & OTP_INC_STRAP) {
2140 		printf("programing strap region ...\n");
2141 		ret = otp_prog_strap(&image_layout, otpstrap);
2142 		if (ret != 0) {
2143 			printf("Error\n");
2144 			return ret;
2145 		}
2146 		printf("Done\n");
2147 	}
2148 	if (otp_header->image_info & OTP_INC_SCU_PRO) {
2149 		printf("programing scu protect region ...\n");
2150 		ret = otp_prog_scu_protect(&image_layout, scu_pro);
2151 		if (ret != 0) {
2152 			printf("Error\n");
2153 			return ret;
2154 		}
2155 		printf("Done\n");
2156 	}
2157 	if (otp_header->image_info & OTP_INC_CONFIG) {
2158 		printf("programing configuration region ...\n");
2159 		ret = otp_prog_conf(&image_layout, conf);
2160 		if (ret != 0) {
2161 			printf("Error\n");
2162 			return ret;
2163 		}
2164 		printf("Done\n");
2165 	}
2166 
2167 	return OTP_SUCCESS;
2168 }
2169 
2170 static int otp_prog_bit(int mode, int otp_dw_offset, int bit_offset, int value, int nconfirm)
2171 {
2172 	u32 read[2];
2173 	u32 prog_address = 0;
2174 	struct otpstrap_status otpstrap[64];
2175 	int otp_bit;
2176 	int ret = 0;
2177 
2178 	otp_soak(0);
2179 	switch (mode) {
2180 	case OTP_REGION_CONF:
2181 		otp_read_conf(otp_dw_offset, read);
2182 		prog_address = 0x800;
2183 		prog_address |= (otp_dw_offset / 8) * 0x200;
2184 		prog_address |= (otp_dw_offset % 8) * 0x2;
2185 		otp_bit = (read[0] >> bit_offset) & 0x1;
2186 		if (otp_bit == value) {
2187 			printf("OTPCFG0x%X[0x%X] = %d\n", otp_dw_offset, bit_offset, value);
2188 			printf("No need to program\n");
2189 			return OTP_SUCCESS;
2190 		}
2191 		if (otp_bit == 1 && value == 0) {
2192 			printf("OTPCFG0x%X[0x%X] = 1\n", otp_dw_offset, bit_offset);
2193 			printf("OTP is programmed, which can't be clean\n");
2194 			return OTP_FAILURE;
2195 		}
2196 		printf("Program OTPCFG0x%X[0x%X] to 1\n", otp_dw_offset, bit_offset);
2197 		break;
2198 	case OTP_REGION_DATA:
2199 		prog_address = otp_dw_offset;
2200 
2201 		if (otp_dw_offset % 2 == 0) {
2202 			otp_read_data(otp_dw_offset, read);
2203 			otp_bit = (read[0] >> bit_offset) & 0x1;
2204 
2205 			if (otp_bit == 1 && value == 0) {
2206 				printf("OTPDATA0x%X[0x%X] = 1\n", otp_dw_offset, bit_offset);
2207 				printf("OTP is programmed, which can't be cleared\n");
2208 				return OTP_FAILURE;
2209 			}
2210 		} else {
2211 			otp_read_data(otp_dw_offset - 1, read);
2212 			otp_bit = (read[1] >> bit_offset) & 0x1;
2213 
2214 			if (otp_bit == 0 && value == 1) {
2215 				printf("OTPDATA0x%X[0x%X] = 1\n", otp_dw_offset, bit_offset);
2216 				printf("OTP is programmed, which can't be written\n");
2217 				return OTP_FAILURE;
2218 			}
2219 		}
2220 		if (otp_bit == value) {
2221 			printf("OTPDATA0x%X[0x%X] = %d\n", otp_dw_offset, bit_offset, value);
2222 			printf("No need to program\n");
2223 			return OTP_SUCCESS;
2224 		}
2225 
2226 		printf("Program OTPDATA0x%X[0x%X] to 1\n", otp_dw_offset, bit_offset);
2227 		break;
2228 	case OTP_REGION_STRAP:
2229 		otp_strap_status(otpstrap);
2230 		otp_print_strap(bit_offset, 1);
2231 		ret = otp_strap_bit_confirm(&otpstrap[bit_offset], bit_offset, 0, value, 0);
2232 		if (ret == OTP_FAILURE)
2233 			return OTP_FAILURE;
2234 		else if (ret == OTP_PROG_SKIP)
2235 			return OTP_SUCCESS;
2236 
2237 		break;
2238 	}
2239 
2240 	if (!nconfirm) {
2241 		printf("type \"YES\" (no quotes) to continue:\n");
2242 		if (!confirm_yesno()) {
2243 			printf(" Aborting\n");
2244 			return OTP_FAILURE;
2245 		}
2246 	}
2247 
2248 	switch (mode) {
2249 	case OTP_REGION_STRAP:
2250 		ret =  otp_prog_strap_b(bit_offset, value);
2251 		break;
2252 	case OTP_REGION_CONF:
2253 	case OTP_REGION_DATA:
2254 		ret = otp_prog_dc_b(value, prog_address, bit_offset);
2255 		break;
2256 	}
2257 	otp_soak(0);
2258 	if (ret) {
2259 		printf("OTP cannot be programmed\n");
2260 		printf("FAILURE\n");
2261 		return OTP_FAILURE;
2262 	}
2263 
2264 	printf("SUCCESS\n");
2265 	return OTP_SUCCESS;
2266 }
2267 
2268 static int otp_update_rid(u32 update_num, int force)
2269 {
2270 	u32 otp_rid[2];
2271 	u32 sw_rid[2];
2272 	int rid_num = 0;
2273 	int sw_rid_num = 0;
2274 	int bit_offset;
2275 	int dw_offset;
2276 	int i;
2277 	int ret;
2278 
2279 	otp_read_conf(10, &otp_rid[0]);
2280 	otp_read_conf(11, &otp_rid[1]);
2281 
2282 	sw_rid[0] = readl(SW_REV_ID0);
2283 	sw_rid[1] = readl(SW_REV_ID1);
2284 
2285 	rid_num = get_rid_num(otp_rid);
2286 	sw_rid_num = get_rid_num(sw_rid);
2287 
2288 	if (sw_rid_num < 0) {
2289 		printf("SW revision id is invalid, please check.\n");
2290 		return OTP_FAILURE;
2291 	}
2292 
2293 	if (update_num > sw_rid_num) {
2294 		printf("current SW revision ID: 0x%x\n", sw_rid_num);
2295 		printf("update number could not bigger than current SW revision id\n");
2296 		return OTP_FAILURE;
2297 	}
2298 
2299 	if (rid_num < 0) {
2300 		printf("Current OTP revision ID cannot handle by this command,\n"
2301 		       "please use 'otp pb' command to update it manually\n");
2302 		otp_print_revid(otp_rid);
2303 		return OTP_FAILURE;
2304 	}
2305 
2306 	printf("current OTP revision ID: 0x%x\n", rid_num);
2307 	otp_print_revid(otp_rid);
2308 	printf("input update number: 0x%x\n", update_num);
2309 
2310 	if (rid_num > update_num) {
2311 		printf("OTP rev_id is bigger than 0x%X\n", update_num);
2312 		printf("Skip\n");
2313 		return OTP_FAILURE;
2314 	} else if (rid_num == update_num) {
2315 		printf("OTP rev_id is same as input\n");
2316 		printf("Skip\n");
2317 		return OTP_FAILURE;
2318 	}
2319 
2320 	for (i = rid_num; i < update_num; i++) {
2321 		if (i < 32) {
2322 			dw_offset = 0xa;
2323 			bit_offset = i;
2324 		} else {
2325 			dw_offset = 0xb;
2326 			bit_offset = i - 32;
2327 		}
2328 		printf("OTPCFG0x%X[0x%X]", dw_offset, bit_offset);
2329 		if (i + 1 != update_num)
2330 			printf(", ");
2331 	}
2332 
2333 	printf(" will be programmed\n");
2334 	if (force == 0) {
2335 		printf("type \"YES\" (no quotes) to continue:\n");
2336 		if (!confirm_yesno()) {
2337 			printf(" Aborting\n");
2338 			return OTP_FAILURE;
2339 		}
2340 	}
2341 
2342 	ret = 0;
2343 	for (i = rid_num; i < update_num; i++) {
2344 		if (i < 32) {
2345 			dw_offset = 0xa04;
2346 			bit_offset = i;
2347 		} else {
2348 			dw_offset = 0xa06;
2349 			bit_offset = i - 32;
2350 		}
2351 		if (otp_prog_dc_b(1, dw_offset, bit_offset)) {
2352 			printf("OTPCFG0x%X[0x%X] programming failed\n", dw_offset, bit_offset);
2353 			ret = OTP_FAILURE;
2354 			break;
2355 		}
2356 	}
2357 	otp_soak(0);
2358 	otp_read_conf(10, &otp_rid[0]);
2359 	otp_read_conf(11, &otp_rid[1]);
2360 	rid_num = get_rid_num(otp_rid);
2361 	if (rid_num >= 0)
2362 		printf("OTP revision ID: 0x%x\n", rid_num);
2363 	else
2364 		printf("OTP revision ID\n");
2365 	otp_print_revid(otp_rid);
2366 	if (!ret)
2367 		printf("SUCCESS\n");
2368 	else
2369 		printf("FAILED\n");
2370 	return ret;
2371 }
2372 
2373 static int otp_retire_key(u32 retire_id, int force)
2374 {
2375 	u32 otpcfg4;
2376 	u32 krb;
2377 	u32 krb_b;
2378 	u32 krb_or;
2379 	u32 current_id;
2380 
2381 	otp_read_conf(4, &otpcfg4);
2382 	current_id = readl(SEC_KEY_NUM) & 7;
2383 	krb = otpcfg4 & 0xff;
2384 	krb_b = (otpcfg4 >> 16) & 0xff;
2385 	krb_or = krb | krb_b;
2386 
2387 	printf("current Key ID: 0x%x\n", current_id);
2388 	printf("input retire ID: 0x%x\n", retire_id);
2389 	printf("OTPCFG0x4 = 0x%X\n", otpcfg4);
2390 
2391 	if (info_cb.pro_sts.pro_key_ret) {
2392 		printf("OTPCFG4 is protected\n");
2393 		return OTP_FAILURE;
2394 	}
2395 
2396 	if (retire_id >= current_id) {
2397 		printf("Retire key id is equal or bigger than current boot key\n");
2398 		return OTP_FAILURE;
2399 	}
2400 
2401 	if (krb_or & (1 << retire_id)) {
2402 		printf("Key 0x%X already retired\n", retire_id);
2403 		return OTP_SUCCESS;
2404 	}
2405 
2406 	printf("OTPCFG0x4[0x%X] will be programmed\n", retire_id);
2407 	if (force == 0) {
2408 		printf("type \"YES\" (no quotes) to continue:\n");
2409 		if (!confirm_yesno()) {
2410 			printf(" Aborting\n");
2411 			return OTP_FAILURE;
2412 		}
2413 	}
2414 
2415 	if (otp_prog_dc_b(1, 0x808, retire_id) == OTP_FAILURE) {
2416 		printf("OTPCFG0x4[0x%X] programming failed\n", retire_id);
2417 		printf("try to program backup OTPCFG0x4[0x%X]\n", retire_id + 16);
2418 		if (otp_prog_dc_b(1, 0x808, retire_id + 16) == OTP_FAILURE)
2419 			printf("OTPCFG0x4[0x%X] programming failed", retire_id + 16);
2420 	}
2421 
2422 	otp_soak(0);
2423 	otp_read_conf(4, &otpcfg4);
2424 	krb = otpcfg4 & 0xff;
2425 	krb_b = (otpcfg4 >> 16) & 0xff;
2426 	krb_or = krb | krb_b;
2427 	if (krb_or & (1 << retire_id)) {
2428 		printf("SUCCESS\n");
2429 		return OTP_SUCCESS;
2430 	}
2431 	printf("FAILED\n");
2432 	return OTP_FAILURE;
2433 }
2434 
2435 static int parse_config(struct sb_info *si)
2436 {
2437 	int i;
2438 	u32 cfg0, cfg3, cfg4;
2439 	u32 sb_mode;
2440 	u32 key_retire;
2441 	u32 rsa_len;
2442 	u32 sha_len;
2443 
2444 	otp_read_conf(0, &cfg0);
2445 	otp_read_conf(3, &cfg3);
2446 	otp_read_conf(4, &cfg4);
2447 
2448 	sb_mode = (cfg0 >> 7) & 0x1;
2449 	si->enc_flag = (cfg0 >> 27) & 0x1;
2450 	key_retire = (cfg4 & 0x7f) | ((cfg4 >> 16) & 0x7f);
2451 
2452 	if ((cfg0 >> 16) & 0x3f)
2453 		si->secure_region = 1;
2454 	else
2455 		si->secure_region = 0;
2456 
2457 	si->header_offset = cfg3 & 0xffff;
2458 	if (si->header_offset == 0)
2459 		si->header_offset = 0x20;
2460 
2461 	for (i = 0; i < 8; i++) {
2462 		if ((key_retire >> i) & 0x1)
2463 			si->retire_list[i] = 1;
2464 		else
2465 			si->retire_list[i] = 0;
2466 	}
2467 
2468 	if (sb_mode == 0) {
2469 		printf("Mode GCM is not supported.\n");
2470 		return OTP_FAILURE;
2471 	}
2472 
2473 	if (si->enc_flag)
2474 		printf("Algorithm: AES_RSA_SHA\n");
2475 	else
2476 		printf("Algorithm: RSA_SHA\n");
2477 
2478 	rsa_len = (cfg0 >> 10) & 0x3;
2479 	sha_len = (cfg0 >> 12) & 0x3;
2480 
2481 	if (rsa_len == 0) {
2482 		si->rsa_algo = 1024;
2483 		printf("RSA length: 1024\n");
2484 	} else if (rsa_len == 1) {
2485 		si->rsa_algo = 2048;
2486 		printf("RSA length: 2048\n");
2487 	} else if (rsa_len == 2) {
2488 		si->rsa_algo = 3072;
2489 		printf("RSA length: 3072\n");
2490 	} else {
2491 		si->rsa_algo = 4096;
2492 		printf("RSA length: 4096\n");
2493 	}
2494 	if (sha_len == 0) {
2495 		si->sha_algo = 224;
2496 		si->digest_len = 28;
2497 		printf("HASH length: 224\n");
2498 	} else if (sha_len == 1) {
2499 		si->sha_algo = 256;
2500 		si->digest_len = 32;
2501 		printf("HASH length: 256\n");
2502 	} else if (sha_len == 2) {
2503 		si->sha_algo = 384;
2504 		si->digest_len = 48;
2505 		printf("HASH length: 384\n");
2506 	} else {
2507 		si->sha_algo = 512;
2508 		si->digest_len = 64;
2509 		printf("HASH length: 512\n");
2510 	}
2511 	return OTP_SUCCESS;
2512 }
2513 
2514 static void parse_data(struct key_list *kl, int *key_num, struct sb_info *si, u32 *data)
2515 {
2516 	const struct otpkey_type *key_info_array = info_cb.key_info;
2517 	int i, j;
2518 	int id = 0;
2519 	u32 h;
2520 	u32 t;
2521 
2522 	*key_num = 0;
2523 	for (i = 0; i < 16; i++) {
2524 		h = data[i];
2525 		t = (h >> 14) & 0xf;
2526 		for (j = 0; j < info_cb.key_info_len; j++) {
2527 			if (t == key_info_array[j].value) {
2528 				kl[*key_num].key_info = &key_info_array[j];
2529 				kl[*key_num].offset = h & 0x1ff8;
2530 				id = h & 0x7;
2531 				kl[*key_num].id = id;
2532 				if (si->retire_list[id] == 1)
2533 					kl[*key_num].retire = 1;
2534 				else
2535 					kl[*key_num].retire = 0;
2536 				(*key_num)++;
2537 				break;
2538 			}
2539 		}
2540 		if ((data[i] >> 13) & 1)
2541 			break;
2542 	}
2543 }
2544 
2545 static int sb_sha(struct sb_info *si, u8 *sec_image, u32 sign_image_size, u8 *digest_ret)
2546 {
2547 	switch (si->sha_algo) {
2548 	case 224:
2549 		printf("otp verify does not support SHA224\n");
2550 		return OTP_FAILURE;
2551 	case 256:
2552 		sb_sha256(sec_image, sign_image_size, digest_ret);
2553 		break;
2554 	case 384:
2555 		sb_sha384(sec_image, sign_image_size, digest_ret);
2556 		break;
2557 	case 512:
2558 		sb_sha512(sec_image, sign_image_size, digest_ret);
2559 		break;
2560 	default:
2561 		printf("SHA Algorithm is invalid\n");
2562 		return OTP_FAILURE;
2563 	}
2564 	return 0;
2565 }
2566 
2567 static int mode2_verify(u8 *sec_image, u32 sign_image_size,
2568 			u8 *signature, u8 *rsa_m,
2569 			int order, u8 *digest,
2570 			struct sb_info *si, struct udevice *mod_exp_dev)
2571 {
2572 	struct key_prop prop;
2573 	u8 rsa_e[3] = "\x01\x00\x01";
2574 	u8 sign_ret[512];
2575 	u8 rsa_m_rev[512];
2576 	u8 signature_rev[512];
2577 	u8 tmp;
2578 	u32 rsa_len = si->rsa_algo / 8;
2579 	int i;
2580 	int ret;
2581 
2582 	memset(&prop, 0, sizeof(struct key_prop));
2583 
2584 	if (order == OTP_LIT_END) {
2585 		memset(rsa_m_rev, 0, 512);
2586 		memset(signature_rev, 0, 512);
2587 		for (i = 0; i < rsa_len; i++) {
2588 			rsa_m_rev[i] = rsa_m[rsa_len - 1 - i];
2589 			signature_rev[i] = signature[rsa_len - 1 - i];
2590 		}
2591 		prop.modulus = rsa_m_rev;
2592 		prop.num_bits = si->rsa_algo;
2593 		prop.public_exponent = rsa_e;
2594 		prop.exp_len = 3;
2595 		ret = rsa_mod_exp(mod_exp_dev, signature_rev, rsa_len, &prop, sign_ret);
2596 	} else {
2597 		prop.modulus = rsa_m;
2598 		prop.num_bits = si->rsa_algo;
2599 		prop.public_exponent = rsa_e;
2600 		prop.exp_len = 3;
2601 		ret = rsa_mod_exp(mod_exp_dev, signature, rsa_len, &prop, sign_ret);
2602 	}
2603 
2604 	if (ret) {
2605 		printf("rsa_mod_exp error: %d\n", ret);
2606 		return OTP_FAILURE;
2607 	}
2608 
2609 	if (order == OTP_LIT_END) {
2610 		for (i = 0; i < rsa_len / 2; i++) {
2611 			tmp = sign_ret[i];
2612 			sign_ret[i] = sign_ret[rsa_len - 1 - i];
2613 			sign_ret[rsa_len - 1 - i] = tmp;
2614 		}
2615 		ret = memcmp(digest, sign_ret, si->digest_len);
2616 	} else {
2617 		ret = memcmp(digest, sign_ret + (rsa_len - si->digest_len), si->digest_len);
2618 	}
2619 
2620 	if (ret)
2621 		return OTP_FAILURE;
2622 	return 0;
2623 }
2624 
2625 static int otp_verify_boot_image(phys_addr_t addr)
2626 {
2627 	struct udevice *mod_exp_dev;
2628 	struct sb_info si;
2629 	struct key_list kl[16];
2630 	struct sb_header *sh;
2631 	u32 data[2048];
2632 	u8 digest[64];
2633 	u8 *sec_image;
2634 	u8 *signature;
2635 	u8 *key;
2636 	u32 otp_rid[2];
2637 	u32 sw_rid[2];
2638 	u64 *otp_rid64 = (u64 *)otp_rid;
2639 	u64 *sw_rid64 = (u64 *)sw_rid;
2640 	int key_num;
2641 	int ret;
2642 	int i;
2643 	int pass = 0;
2644 
2645 	ret = uclass_get_device_by_driver(UCLASS_MOD_EXP, DM_GET_DRIVER(aspeed_acry), &mod_exp_dev);
2646 	if (ret) {
2647 		printf("RSA engine: Can't find aspeed_acry\n");
2648 		return OTP_FAILURE;
2649 	}
2650 
2651 	for (i = 0; i < 2048 ; i += 2)
2652 		otp_read_data(i, &data[i]);
2653 	if (parse_config(&si))
2654 		return OTP_FAILURE;
2655 	parse_data(kl, &key_num, &si, data);
2656 	otp_read_conf(10, &otp_rid[0]);
2657 	otp_read_conf(11, &otp_rid[1]);
2658 
2659 	sec_image = (u8 *)addr;
2660 	sh = (struct sb_header *)(sec_image + si.header_offset);
2661 	signature = sec_image + sh->signature_offset;
2662 
2663 	if (si.secure_region)
2664 		printf("WARNING: Secure Region is enabled, the verification may not correct.\n");
2665 
2666 	if (sh->sign_image_size % 512) {
2667 		printf("ERROR: The sign_image_size should be 512 bytes aligned\n");
2668 		return OTP_FAILURE;
2669 	}
2670 
2671 	printf("Check revision ID: ");
2672 
2673 	sw_rid[0] = sh->revision_low;
2674 	sw_rid[1] = sh->revision_high;
2675 
2676 	if (*otp_rid64 > *sw_rid64) {
2677 		printf("FAIL\n");
2678 		printf("Header revision_low:  %x\n", sh->revision_low);
2679 		printf("Header revision_high: %x\n", sh->revision_high);
2680 		printf("OTP revision_low:     %x\n", otp_rid[0]);
2681 		printf("OTP revision_high:    %x\n", otp_rid[1]);
2682 		return OTP_FAILURE;
2683 	}
2684 	printf("PASS\n");
2685 
2686 	printf("Check secure image header: ");
2687 	if (((sh->aes_data_offset + sh->enc_offset + sh->sign_image_size +
2688 	      sh->signature_offset + sh->revision_high + sh->revision_low +
2689 	      sh->reserved + sh->bl1_header_checksum) & 0xffffffff) != 0) {
2690 		printf("FAIL\n");
2691 		printf("aes_data_offset:     %x\n", sh->aes_data_offset);
2692 		printf("enc_offset:          %x\n", sh->enc_offset);
2693 		printf("sign_image_size:     %x\n", sh->sign_image_size);
2694 		printf("signature_offset:    %x\n", sh->signature_offset);
2695 		printf("revision_high:       %x\n", sh->revision_high);
2696 		printf("revision_low:        %x\n", sh->revision_low);
2697 		printf("reserved:            %x\n", sh->reserved);
2698 		printf("bl1_header_checksum: %x\n", sh->bl1_header_checksum);
2699 		return OTP_FAILURE;
2700 	}
2701 	printf("PASS\n");
2702 
2703 	ret = sb_sha(&si, sec_image, sh->sign_image_size, digest);
2704 	if (ret)
2705 		return OTP_FAILURE;
2706 
2707 	printf("Verifying secure image\n");
2708 	for (i = 0; i < key_num; i++) {
2709 		if (kl[i].key_info->key_type != OTP_KEY_TYPE_RSA_PUB)
2710 			continue;
2711 		printf(" Key %d\n", kl[i].id);
2712 		if (kl[i].retire) {
2713 			printf(" Key %d is retired.\n", kl[i].id);
2714 			continue;
2715 		}
2716 		key = (u8 *)data + kl[i].offset;
2717 		if (!mode2_verify(sec_image, sh->sign_image_size,
2718 				  signature, key, kl[i].key_info->order, digest,
2719 				  &si, mod_exp_dev)) {
2720 			pass = 1;
2721 			break;
2722 		}
2723 	}
2724 	if (pass) {
2725 		printf("  OEM DSS RSA public keys\n");
2726 		printf("  ID: %d\n", kl[i].id);
2727 		if (kl[i].key_info->order == OTP_BIG_END)
2728 			printf("  Big endian\n");
2729 		else
2730 			printf("  Little endian\n");
2731 		printf("Verify secure image: PASS\n");
2732 		return OTP_SUCCESS;
2733 	}
2734 	printf("Verify secure image: FAIL\n");
2735 	return OTP_FAILURE;
2736 }
2737 
2738 static int otp_invalid_key(u32 header_offset, int force)
2739 {
2740 	int i;
2741 	int ret;
2742 	u32 header_list[16];
2743 	u32 header;
2744 	u32 key_type;
2745 	u32 prog_val;
2746 
2747 	for (i = 0; i < 16 ; i += 2)
2748 		otp_read_data(i, &header_list[i]);
2749 	header = header_list[header_offset];
2750 	key_type = (header >> 14) & 0xf;
2751 	_otp_print_key(header, header_offset, NULL);
2752 	if (key_type == 0 || key_type == 0xf) {
2753 		printf("Key[%d] already invalid\n", header_offset);
2754 		return OTP_SUCCESS;
2755 	}
2756 
2757 	printf("Key[%d] will be invalid\n", header_offset);
2758 	if (force == 0) {
2759 		printf("type \"YES\" (no quotes) to continue:\n");
2760 		if (!confirm_yesno()) {
2761 			printf(" Aborting\n");
2762 			return OTP_FAILURE;
2763 		}
2764 	}
2765 
2766 	if (header_offset % 2)
2767 		prog_val = 0;
2768 	else
2769 		prog_val = 1;
2770 	for (i = 14; i <= 17; i++) {
2771 		ret = otp_prog_dc_b(prog_val, header_offset, i);
2772 		if (ret) {
2773 			printf("OTPDATA0x%x[%d] programming failed\n", header_offset, i);
2774 			return OTP_FAILURE;
2775 		}
2776 	}
2777 
2778 	printf("SUCCESS\n");
2779 	return OTP_SUCCESS;
2780 }
2781 
2782 static int do_otpread(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
2783 {
2784 	u32 offset, count;
2785 	int ret;
2786 
2787 	if (argc == 4) {
2788 		offset = simple_strtoul(argv[2], NULL, 16);
2789 		count = simple_strtoul(argv[3], NULL, 16);
2790 	} else if (argc == 3) {
2791 		offset = simple_strtoul(argv[2], NULL, 16);
2792 		count = 1;
2793 	} else {
2794 		return CMD_RET_USAGE;
2795 	}
2796 
2797 	if (!strcmp(argv[1], "conf"))
2798 		ret = otp_print_conf(offset, count);
2799 	else if (!strcmp(argv[1], "data"))
2800 		ret = otp_print_data(offset, count);
2801 	else if (!strcmp(argv[1], "strap"))
2802 		ret = otp_print_strap(offset, count);
2803 	else
2804 		return CMD_RET_USAGE;
2805 
2806 	if (ret == OTP_SUCCESS)
2807 		return CMD_RET_SUCCESS;
2808 	return CMD_RET_USAGE;
2809 }
2810 
2811 static int do_otpprog(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
2812 {
2813 	phys_addr_t addr;
2814 	int ret;
2815 
2816 	if (argc == 3) {
2817 		if (strcmp(argv[1], "o"))
2818 			return CMD_RET_USAGE;
2819 		addr = simple_strtoul(argv[2], NULL, 16);
2820 		ret = otp_prog_image(addr, 1);
2821 	} else if (argc == 2) {
2822 		addr = simple_strtoul(argv[1], NULL, 16);
2823 		ret = otp_prog_image(addr, 0);
2824 	} else {
2825 		return CMD_RET_USAGE;
2826 	}
2827 
2828 	if (ret == OTP_SUCCESS)
2829 		return CMD_RET_SUCCESS;
2830 	else if (ret == OTP_FAILURE)
2831 		return CMD_RET_FAILURE;
2832 	else
2833 		return CMD_RET_USAGE;
2834 }
2835 
2836 static int do_otppb(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
2837 {
2838 	int mode = 0;
2839 	int nconfirm = 0;
2840 	int otp_addr = 0;
2841 	int bit_offset;
2842 	int value;
2843 	int ret;
2844 	u32 otp_strap_pro;
2845 
2846 	if (argc != 4 && argc != 5 && argc != 6)
2847 		return CMD_RET_USAGE;
2848 
2849 	/* Drop the pb cmd */
2850 	argc--;
2851 	argv++;
2852 
2853 	if (!strcmp(argv[0], "conf"))
2854 		mode = OTP_REGION_CONF;
2855 	else if (!strcmp(argv[0], "strap"))
2856 		mode = OTP_REGION_STRAP;
2857 	else if (!strcmp(argv[0], "data"))
2858 		mode = OTP_REGION_DATA;
2859 	else
2860 		return CMD_RET_USAGE;
2861 
2862 	/* Drop the region cmd */
2863 	argc--;
2864 	argv++;
2865 
2866 	if (!strcmp(argv[0], "o")) {
2867 		nconfirm = 1;
2868 		/* Drop the force option */
2869 		argc--;
2870 		argv++;
2871 	}
2872 
2873 	if (mode == OTP_REGION_STRAP) {
2874 		bit_offset = simple_strtoul(argv[0], NULL, 16);
2875 		value = simple_strtoul(argv[1], NULL, 16);
2876 		if (bit_offset >= 64 || (value != 0 && value != 1))
2877 			return CMD_RET_USAGE;
2878 	} else {
2879 		otp_addr = simple_strtoul(argv[0], NULL, 16);
2880 		bit_offset = simple_strtoul(argv[1], NULL, 16);
2881 		value = simple_strtoul(argv[2], NULL, 16);
2882 		if (bit_offset >= 32 || (value != 0 && value != 1))
2883 			return CMD_RET_USAGE;
2884 		if (mode == OTP_REGION_DATA) {
2885 			if (otp_addr >= 0x800)
2886 				return CMD_RET_USAGE;
2887 		} else {
2888 			if (otp_addr >= 0x20)
2889 				return CMD_RET_USAGE;
2890 		}
2891 	}
2892 	if (value != 0 && value != 1)
2893 		return CMD_RET_USAGE;
2894 
2895 	ret = 0;
2896 	if (info_cb.pro_sts.mem_lock) {
2897 		printf("OTP memory is locked\n");
2898 		return CMD_RET_FAILURE;
2899 	}
2900 	if (mode == OTP_REGION_DATA) {
2901 		if (info_cb.pro_sts.sec_size == 0) {
2902 			if (info_cb.pro_sts.pro_data) {
2903 				printf("OTP data region is protected\n");
2904 				ret = -1;
2905 			}
2906 		} else if (otp_addr < info_cb.pro_sts.sec_size && otp_addr >= 16) {
2907 			printf("OTP secure region is not readable, skip it to prevent unpredictable result\n");
2908 			ret = -1;
2909 		} else if (otp_addr < info_cb.pro_sts.sec_size) {
2910 			// header region(0x0~0x40) is still readable even secure region is set.
2911 			if (info_cb.pro_sts.pro_sec) {
2912 				printf("OTP secure region is protected\n");
2913 				ret = -1;
2914 			}
2915 		} else if (info_cb.pro_sts.pro_data) {
2916 			printf("OTP data region is protected\n");
2917 			ret = -1;
2918 		}
2919 	} else if (mode == OTP_REGION_CONF) {
2920 		if (otp_addr != 4 && otp_addr != 10 && otp_addr != 11 && otp_addr < 16) {
2921 			if (info_cb.pro_sts.pro_conf) {
2922 				printf("OTP config region is protected\n");
2923 				ret = -1;
2924 			}
2925 		} else if (otp_addr == 10 || otp_addr == 11) {
2926 			u32 otp_rid[2];
2927 			u32 sw_rid[2];
2928 			u64 *otp_rid64 = (u64 *)otp_rid;
2929 			u64 *sw_rid64 = (u64 *)sw_rid;
2930 
2931 			otp_read_conf(10, &otp_rid[0]);
2932 			otp_read_conf(11, &otp_rid[1]);
2933 			sw_rid[0] = readl(SW_REV_ID0);
2934 			sw_rid[1] = readl(SW_REV_ID1);
2935 
2936 			if (otp_addr == 10)
2937 				otp_rid[0] |= 1 << bit_offset;
2938 			else
2939 				otp_rid[1] |= 1 << bit_offset;
2940 
2941 			if (*otp_rid64 > *sw_rid64) {
2942 				printf("update number could not bigger than current SW revision id\n");
2943 				ret = -1;
2944 			}
2945 		} else if (otp_addr == 4) {
2946 			if (info_cb.pro_sts.pro_key_ret) {
2947 				printf("OTPCFG4 is protected\n");
2948 				ret = -1;
2949 			} else {
2950 				if ((bit_offset >= 0 && bit_offset <= 7) ||
2951 				    (bit_offset >= 16 && bit_offset <= 23)) {
2952 					u32 key_num;
2953 					u32 retire;
2954 
2955 					key_num = readl(SEC_KEY_NUM) & 3;
2956 					if (bit_offset >= 16)
2957 						retire = bit_offset - 16;
2958 					else
2959 						retire = bit_offset;
2960 					if (retire >= key_num) {
2961 						printf("Retire key id is equal or bigger than current boot key\n");
2962 						ret = -1;
2963 					}
2964 				}
2965 			}
2966 		} else if (otp_addr >= 16 && otp_addr <= 31) {
2967 			if (info_cb.pro_sts.pro_strap) {
2968 				printf("OTP strap region is protected\n");
2969 				ret = -1;
2970 			} else if ((otp_addr < 30 && info_cb.version == OTP_A0) ||
2971 				   (otp_addr < 28 && info_cb.version != OTP_A0)) {
2972 				if (otp_addr % 2 == 0)
2973 					otp_read_conf(30, &otp_strap_pro);
2974 				else
2975 					otp_read_conf(31, &otp_strap_pro);
2976 				if (otp_strap_pro >> bit_offset & 0x1) {
2977 					printf("OTPCFG0x%X[0x%X] is protected\n", otp_addr, bit_offset);
2978 					ret = -1;
2979 				}
2980 			}
2981 		}
2982 	} else if (mode == OTP_REGION_STRAP) {
2983 		// per bit protection will check in otp_strap_bit_confirm
2984 		if (info_cb.pro_sts.pro_strap) {
2985 			printf("OTP strap region is protected\n");
2986 			ret = -1;
2987 		}
2988 	}
2989 
2990 	if (ret == -1)
2991 		return CMD_RET_FAILURE;
2992 
2993 	ret = otp_prog_bit(mode, otp_addr, bit_offset, value, nconfirm);
2994 
2995 	if (ret == OTP_SUCCESS)
2996 		return CMD_RET_SUCCESS;
2997 	else if (ret == OTP_FAILURE)
2998 		return CMD_RET_FAILURE;
2999 	else
3000 		return CMD_RET_USAGE;
3001 }
3002 
3003 static int do_otpcmp(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
3004 {
3005 	phys_addr_t addr;
3006 	int otp_addr = 0;
3007 	int ret;
3008 
3009 	if (argc != 3)
3010 		return CMD_RET_USAGE;
3011 
3012 	addr = simple_strtoul(argv[1], NULL, 16);
3013 	otp_addr = simple_strtoul(argv[2], NULL, 16);
3014 	ret = otp_compare(otp_addr, addr);
3015 	if (ret == 0) {
3016 		printf("Compare pass\n");
3017 		return CMD_RET_SUCCESS;
3018 	}
3019 	printf("Compare fail\n");
3020 	return CMD_RET_FAILURE;
3021 }
3022 
3023 static int do_otpinfo(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
3024 {
3025 	int view = 0;
3026 	int input;
3027 
3028 	if (argc != 2 && argc != 3)
3029 		return CMD_RET_USAGE;
3030 
3031 	if (!strcmp(argv[1], "conf")) {
3032 		if (argc == 3) {
3033 			input = simple_strtoul(argv[2], NULL, 16);
3034 			otp_print_conf_info(input);
3035 		} else {
3036 			otp_print_conf_info(-1);
3037 		}
3038 	} else if (!strcmp(argv[1], "strap")) {
3039 		if (!strcmp(argv[2], "v")) {
3040 			view = 1;
3041 			/* Drop the view option */
3042 			argc--;
3043 			argv++;
3044 		}
3045 		otp_print_strap_info(view);
3046 	} else if (!strcmp(argv[1], "scu")) {
3047 		otp_print_scu_info();
3048 	} else if (!strcmp(argv[1], "key")) {
3049 		otp_print_key_info();
3050 	} else {
3051 		return CMD_RET_USAGE;
3052 	}
3053 
3054 	return CMD_RET_SUCCESS;
3055 }
3056 
3057 static int do_otpprotect(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
3058 {
3059 	u32 input;
3060 	u32 bit_offset;
3061 	u32 prog_address;
3062 	char force;
3063 	int ret;
3064 
3065 	if (argc != 3 && argc != 2)
3066 		return CMD_RET_USAGE;
3067 
3068 	if (!strcmp(argv[1], "o")) {
3069 		input = simple_strtoul(argv[2], NULL, 16);
3070 		force = 1;
3071 	} else {
3072 		input = simple_strtoul(argv[1], NULL, 16);
3073 		force = 0;
3074 	}
3075 
3076 	if (input < 32) {
3077 		bit_offset = input;
3078 		prog_address = 0xe0c;
3079 	} else if (input < 64) {
3080 		bit_offset = input - 32;
3081 		prog_address = 0xe0e;
3082 	} else {
3083 		return CMD_RET_USAGE;
3084 	}
3085 
3086 	if (info_cb.pro_sts.pro_strap) {
3087 		printf("OTP strap region is protected\n");
3088 		return CMD_RET_FAILURE;
3089 	}
3090 
3091 	if (!force) {
3092 		printf("OTPSTRAP[0x%X] will be protected\n", input);
3093 		printf("type \"YES\" (no quotes) to continue:\n");
3094 		if (!confirm_yesno()) {
3095 			printf(" Aborting\n");
3096 			return CMD_RET_FAILURE;
3097 		}
3098 	}
3099 
3100 	if (verify_bit(prog_address, bit_offset, 1) == 0) {
3101 		printf("OTPSTRAP[0x%X] already protected\n", input);
3102 		return CMD_RET_SUCCESS;
3103 	}
3104 
3105 	ret = otp_prog_dc_b(1, prog_address, bit_offset);
3106 	otp_soak(0);
3107 
3108 	if (ret) {
3109 		printf("Protect OTPSTRAP[0x%X] fail\n", input);
3110 		return CMD_RET_FAILURE;
3111 	}
3112 
3113 	printf("OTPSTRAP[0x%X] is protected\n", input);
3114 	return CMD_RET_SUCCESS;
3115 }
3116 
3117 static int do_otp_scuprotect(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
3118 {
3119 	u32 scu_offset;
3120 	u32 bit_offset;
3121 	u32 conf_offset;
3122 	u32 prog_address;
3123 	char force;
3124 	int ret;
3125 
3126 	if (argc != 4 && argc != 3)
3127 		return CMD_RET_USAGE;
3128 
3129 	if (!strcmp(argv[1], "o")) {
3130 		scu_offset = simple_strtoul(argv[2], NULL, 16);
3131 		bit_offset = simple_strtoul(argv[3], NULL, 16);
3132 		force = 1;
3133 	} else {
3134 		scu_offset = simple_strtoul(argv[1], NULL, 16);
3135 		bit_offset = simple_strtoul(argv[2], NULL, 16);
3136 		force = 0;
3137 	}
3138 	if (scu_offset == 0x500) {
3139 		prog_address = 0xe08;
3140 		conf_offset = 28;
3141 	} else if (scu_offset == 0x510) {
3142 		prog_address = 0xe0a;
3143 		conf_offset = 29;
3144 	} else {
3145 		return CMD_RET_USAGE;
3146 	}
3147 	if (bit_offset < 0 || bit_offset > 31)
3148 		return CMD_RET_USAGE;
3149 	if (info_cb.pro_sts.pro_strap) {
3150 		printf("OTP strap region is protected\n");
3151 		return CMD_RET_FAILURE;
3152 	}
3153 	if (!force) {
3154 		printf("OTPCONF0x%X[0x%X] will be programmed\n", conf_offset, bit_offset);
3155 		printf("SCU0x%X[0x%X] will be protected\n", scu_offset, bit_offset);
3156 		printf("type \"YES\" (no quotes) to continue:\n");
3157 		if (!confirm_yesno()) {
3158 			printf(" Aborting\n");
3159 			return CMD_RET_FAILURE;
3160 		}
3161 	}
3162 
3163 	if (verify_bit(prog_address, bit_offset, 1) == 0) {
3164 		printf("OTPCONF0x%X[0x%X] already programmed\n", conf_offset, bit_offset);
3165 		return CMD_RET_SUCCESS;
3166 	}
3167 
3168 	ret = otp_prog_dc_b(1, prog_address, bit_offset);
3169 	otp_soak(0);
3170 
3171 	if (ret) {
3172 		printf("Program OTPCONF0x%X[0x%X] fail\n", conf_offset, bit_offset);
3173 		return CMD_RET_FAILURE;
3174 	}
3175 
3176 	printf("OTPCONF0x%X[0x%X] programmed success\n", conf_offset, bit_offset);
3177 	return CMD_RET_SUCCESS;
3178 }
3179 
3180 static int do_otpver(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
3181 {
3182 	printf("SOC OTP version: %s\n", info_cb.ver_name);
3183 	printf("OTP tool version: %s\n", OTP_VER);
3184 	printf("OTP info version: %s\n", OTP_INFO_VER);
3185 
3186 	return CMD_RET_SUCCESS;
3187 }
3188 
3189 static int do_otpupdate(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
3190 {
3191 	u32 update_num;
3192 	int force = 0;
3193 	int ret;
3194 
3195 	if (argc == 3) {
3196 		if (strcmp(argv[1], "o"))
3197 			return CMD_RET_USAGE;
3198 		force = 1;
3199 		update_num = simple_strtoul(argv[2], NULL, 16);
3200 	} else if (argc == 2) {
3201 		update_num = simple_strtoul(argv[1], NULL, 16);
3202 	} else {
3203 		return CMD_RET_USAGE;
3204 	}
3205 
3206 	if (update_num > 64)
3207 		return CMD_RET_USAGE;
3208 	ret = otp_update_rid(update_num, force);
3209 
3210 	if (ret)
3211 		return CMD_RET_FAILURE;
3212 	return CMD_RET_SUCCESS;
3213 }
3214 
3215 static int do_otprid(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
3216 {
3217 	u32 otp_rid[2];
3218 	u32 sw_rid[2];
3219 	int rid_num = 0;
3220 	int sw_rid_num = 0;
3221 	int ret;
3222 
3223 	if (argc != 1)
3224 		return CMD_RET_USAGE;
3225 
3226 	otp_read_conf(10, &otp_rid[0]);
3227 	otp_read_conf(11, &otp_rid[1]);
3228 
3229 	sw_rid[0] = readl(SW_REV_ID0);
3230 	sw_rid[1] = readl(SW_REV_ID1);
3231 
3232 	rid_num = get_rid_num(otp_rid);
3233 	sw_rid_num = get_rid_num(sw_rid);
3234 
3235 	if (sw_rid_num < 0) {
3236 		printf("SW revision id is invalid, please check.\n");
3237 		printf("SEC68:0x%x\n", sw_rid[0]);
3238 		printf("SEC6C:0x%x\n", sw_rid[1]);
3239 	} else {
3240 		printf("current SW revision ID: 0x%x\n", sw_rid_num);
3241 	}
3242 	if (rid_num >= 0) {
3243 		printf("current OTP revision ID: 0x%x\n", rid_num);
3244 		ret = CMD_RET_SUCCESS;
3245 	} else {
3246 		printf("Current OTP revision ID cannot handle by 'otp update',\n"
3247 		       "please use 'otp pb' command to update it manually\n"
3248 		       "current OTP revision ID\n");
3249 		ret = CMD_RET_FAILURE;
3250 	}
3251 	otp_print_revid(otp_rid);
3252 
3253 	return ret;
3254 }
3255 
3256 static int do_otpretire(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
3257 {
3258 	u32 retire_id;
3259 	int force = 0;
3260 	int ret;
3261 
3262 	if (argc == 3) {
3263 		if (strcmp(argv[1], "o"))
3264 			return CMD_RET_USAGE;
3265 		force = 1;
3266 		retire_id = simple_strtoul(argv[2], NULL, 16);
3267 	} else if (argc == 2) {
3268 		retire_id = simple_strtoul(argv[1], NULL, 16);
3269 	} else {
3270 		return CMD_RET_USAGE;
3271 	}
3272 
3273 	if (retire_id > 7)
3274 		return CMD_RET_USAGE;
3275 	ret = otp_retire_key(retire_id, force);
3276 
3277 	if (ret)
3278 		return CMD_RET_FAILURE;
3279 	return CMD_RET_SUCCESS;
3280 }
3281 
3282 static int do_otpverify(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
3283 {
3284 	phys_addr_t addr;
3285 	int ret;
3286 
3287 	if (argc == 2) {
3288 		addr = simple_strtoul(argv[1], NULL, 16);
3289 		ret = otp_verify_boot_image(addr);
3290 	} else {
3291 		return CMD_RET_USAGE;
3292 	}
3293 
3294 	if (ret == OTP_SUCCESS)
3295 		return CMD_RET_SUCCESS;
3296 	else if (ret == OTP_FAILURE)
3297 		return CMD_RET_FAILURE;
3298 	else
3299 		return CMD_RET_USAGE;
3300 }
3301 
3302 static int do_otpinvalid(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
3303 {
3304 	u32 header_offset;
3305 	int force = 0;
3306 	int ret;
3307 
3308 	if (argc == 3) {
3309 		if (strcmp(argv[1], "o"))
3310 			return CMD_RET_USAGE;
3311 		force = 1;
3312 		header_offset = simple_strtoul(argv[2], NULL, 16);
3313 	} else if (argc == 2) {
3314 		header_offset = simple_strtoul(argv[1], NULL, 16);
3315 	} else {
3316 		return CMD_RET_USAGE;
3317 	}
3318 
3319 	if (header_offset > 16)
3320 		return CMD_RET_USAGE;
3321 	ret = otp_invalid_key(header_offset, force);
3322 
3323 	if (ret)
3324 		return CMD_RET_FAILURE;
3325 	return CMD_RET_SUCCESS;
3326 }
3327 
3328 static cmd_tbl_t cmd_otp[] = {
3329 	U_BOOT_CMD_MKENT(version, 1, 0, do_otpver, "", ""),
3330 	U_BOOT_CMD_MKENT(read, 4, 0, do_otpread, "", ""),
3331 	U_BOOT_CMD_MKENT(info, 3, 0, do_otpinfo, "", ""),
3332 	U_BOOT_CMD_MKENT(prog, 3, 0, do_otpprog, "", ""),
3333 	U_BOOT_CMD_MKENT(pb, 6, 0, do_otppb, "", ""),
3334 	U_BOOT_CMD_MKENT(protect, 3, 0, do_otpprotect, "", ""),
3335 	U_BOOT_CMD_MKENT(scuprotect, 4, 0, do_otp_scuprotect, "", ""),
3336 	U_BOOT_CMD_MKENT(cmp, 3, 0, do_otpcmp, "", ""),
3337 	U_BOOT_CMD_MKENT(update, 3, 0, do_otpupdate, "", ""),
3338 	U_BOOT_CMD_MKENT(rid, 1, 0, do_otprid, "", ""),
3339 	U_BOOT_CMD_MKENT(retire, 3, 0, do_otpretire, "", ""),
3340 	U_BOOT_CMD_MKENT(verify, 2, 0, do_otpverify, "", ""),
3341 	U_BOOT_CMD_MKENT(invalid, 3, 0, do_otpinvalid, "", ""),
3342 };
3343 
3344 static int do_ast_otp(cmd_tbl_t *cmdtp, int flag, int argc, char *const argv[])
3345 {
3346 	struct otp_pro_sts *pro_sts;
3347 	cmd_tbl_t *cp;
3348 	u32 ver;
3349 	int ret;
3350 	u32 otp_conf0;
3351 
3352 	cp = find_cmd_tbl(argv[1], cmd_otp, ARRAY_SIZE(cmd_otp));
3353 
3354 	/* Drop the otp command */
3355 	argc--;
3356 	argv++;
3357 
3358 	if (!cp || argc > cp->maxargs)
3359 		return CMD_RET_USAGE;
3360 	if (flag == CMD_FLAG_REPEAT && !cmd_is_repeatable(cp))
3361 		return CMD_RET_SUCCESS;
3362 
3363 	ver = chip_version();
3364 	switch (ver) {
3365 	case OTP_A0:
3366 		info_cb.version = OTP_A0;
3367 		info_cb.conf_info = a0_conf_info;
3368 		info_cb.conf_info_len = ARRAY_SIZE(a0_conf_info);
3369 		info_cb.strap_info = a0_strap_info;
3370 		info_cb.strap_info_len = ARRAY_SIZE(a0_strap_info);
3371 		info_cb.key_info = a0_key_type;
3372 		info_cb.key_info_len = ARRAY_SIZE(a0_key_type);
3373 		sprintf(info_cb.ver_name, "A0");
3374 		break;
3375 	case OTP_A1:
3376 		info_cb.version = OTP_A1;
3377 		info_cb.conf_info = a1_conf_info;
3378 		info_cb.conf_info_len = ARRAY_SIZE(a1_conf_info);
3379 		info_cb.strap_info = a1_strap_info;
3380 		info_cb.strap_info_len = ARRAY_SIZE(a1_strap_info);
3381 		info_cb.key_info = a1_key_type;
3382 		info_cb.key_info_len = ARRAY_SIZE(a1_key_type);
3383 		info_cb.scu_info = a1_scu_info;
3384 		info_cb.scu_info_len = ARRAY_SIZE(a1_scu_info);
3385 		sprintf(info_cb.ver_name, "A1");
3386 		break;
3387 	case OTP_A2:
3388 		info_cb.version = OTP_A2;
3389 		info_cb.conf_info = a2_conf_info;
3390 		info_cb.conf_info_len = ARRAY_SIZE(a2_conf_info);
3391 		info_cb.strap_info = a1_strap_info;
3392 		info_cb.strap_info_len = ARRAY_SIZE(a1_strap_info);
3393 		info_cb.key_info = a2_key_type;
3394 		info_cb.key_info_len = ARRAY_SIZE(a2_key_type);
3395 		info_cb.scu_info = a1_scu_info;
3396 		info_cb.scu_info_len = ARRAY_SIZE(a1_scu_info);
3397 		sprintf(info_cb.ver_name, "A2");
3398 		break;
3399 	case OTP_A3:
3400 		info_cb.version = OTP_A3;
3401 		info_cb.conf_info = a3_conf_info;
3402 		info_cb.conf_info_len = ARRAY_SIZE(a3_conf_info);
3403 		info_cb.strap_info = a1_strap_info;
3404 		info_cb.strap_info_len = ARRAY_SIZE(a1_strap_info);
3405 		info_cb.key_info = a3_key_type;
3406 		info_cb.key_info_len = ARRAY_SIZE(a3_key_type);
3407 		info_cb.scu_info = a1_scu_info;
3408 		info_cb.scu_info_len = ARRAY_SIZE(a1_scu_info);
3409 		sprintf(info_cb.ver_name, "A3");
3410 		break;
3411 	default:
3412 		printf("SOC is not supported\n");
3413 		return CMD_RET_FAILURE;
3414 	}
3415 
3416 	writel(OTP_PASSWD, OTP_PROTECT_KEY); //password
3417 	otp_read_conf(0, &otp_conf0);
3418 	pro_sts = &info_cb.pro_sts;
3419 
3420 	pro_sts->mem_lock = (otp_conf0 >> 31) & 0x1;
3421 	pro_sts->pro_key_ret = (otp_conf0 >> 29) & 0x1;
3422 	pro_sts->pro_strap = (otp_conf0 >> 25) & 0x1;
3423 	pro_sts->pro_conf = (otp_conf0 >> 24) & 0x1;
3424 	pro_sts->pro_data = (otp_conf0 >> 23) & 0x1;
3425 	pro_sts->pro_sec = (otp_conf0 >> 22) & 0x1;
3426 	pro_sts->sec_size = ((otp_conf0 >> 16) & 0x3f) << 5;
3427 
3428 	ret = cp->cmd(cmdtp, flag, argc, argv);
3429 	writel(1, OTP_PROTECT_KEY); //protect otp controller
3430 
3431 	return ret;
3432 }
3433 
3434 U_BOOT_CMD(otp, 7, 0,  do_ast_otp,
3435 	   "ASPEED One-Time-Programmable sub-system",
3436 	   "version\n"
3437 	   "otp read conf|data <otp_dw_offset> <dw_count>\n"
3438 	   "otp read strap <strap_bit_offset> <bit_count>\n"
3439 	   "otp info strap [v]\n"
3440 	   "otp info conf [otp_dw_offset]\n"
3441 	   "otp info scu\n"
3442 	   "otp info key\n"
3443 	   "otp prog [o] <addr>\n"
3444 	   "otp pb conf|data [o] <otp_dw_offset> <bit_offset> <value>\n"
3445 	   "otp pb strap [o] <bit_offset> <value>\n"
3446 	   "otp protect [o] <bit_offset>\n"
3447 	   "otp scuprotect [o] <scu_offset> <bit_offset>\n"
3448 	   "otp update [o] <revision_id>\n"
3449 	   "otp rid\n"
3450 	   "otp retire [o] <key_id>\n"
3451 	   "otp verify <addr>\n"
3452 	   "otp invalid [o] <header_offset>\n"
3453 	  );
3454