BL33: EFUSE: use EFUSE_LICX for Riscure review [1/1]

PD#SWPL-3175

Problem:
Riscure code review report EFUSE license should use EFUSE_LICx but not
AO_SEC_SD_CFG10/9 any more

Solution:
For G12A/G12B/TL1... which have EFUSE_LICx will use them instead
of AO_SEC_SD_CFG10/9
EFUSE_LIC0/1/2/3 -> AO_SEC_SD_CFG10/9

Verify:
axg/g12a/g12b/gxb/gxl/gxtvbb/tl1/txhd/txl/txlx skt board verify on the way

Change-Id: I13979aecf4e6e58f6d3469b110b500bc83d18e25
Signed-off-by: Haixiang Bao <haixiang.bao@amlogic.com>

8 files changed, 159 insertions, 51 deletions

diff --git a/common/aml_dt.c b/common/aml_dt.c
index bbe6463..ca967de 100644
--- a/common/aml_dt.c
+++ b/common/aml_dt.c
@@ -8,6 +8,8 @@
 #include <asm/arch/bl31_apis.h>
 #include <partition_table.h>
 
+#include <amlogic/aml_efuse.h>
+
 //#define AML_DT_DEBUG
 #ifdef AML_DT_DEBUG
 #define dbg_printf(...) printf(__VA_ARGS__)
@@ -42,24 +44,6 @@
 //#define readl(addr) (*(volatile unsigned int*)(addr))
 extern int checkhw(char * name);
 
-/* return 1 if dtb is encrpted */
-int is_dtb_encrypt(unsigned char *buffer)
-{
-#if 0
-	unsigned int magic = *(unsigned int*)buffer;
-
-	if ((DT_HEADER_MAGIC == magic)
-			|| (AML_DT_HEADER_MAGIC == magic)
-			|| (IS_GZIP_FORMAT(magic)))
-		return 0;
-	return 1;
-#else
-		const unsigned long cfg10 = readl(AO_SEC_SD_CFG10);
-		/*KM_MSG("cfg10=0x%lX\n", cfg10);*/
-		return ( cfg10 & (0x1<< 4) );
-#endif//#if 0
-}
-
 unsigned long __attribute__((unused))
 	get_multi_dt_entry(unsigned long fdt_addr){
 	unsigned int dt_magic = readl(fdt_addr);
@@ -242,11 +226,6 @@ unsigned long __attribute__((unused))
 	return 0;
 }
 
-static int is_secure_boot_enabled(void)
-{
-	const unsigned long cfg10 = readl(AO_SEC_SD_CFG10);
-	return ( cfg10 & (0x1<< 4) );
-}
 
 /*
   return 0 if dts is valid
@@ -260,9 +239,8 @@ int check_valid_dts(unsigned char *buffer)
 	unsigned char *sbuffer = (unsigned char *)getenv_hex("loadaddr", CONFIG_DTB_MEM_ADDR + 0x100000);
 	/* g12a merge to trunk, use trunk code */
 	//unsigned char *sbuffer = (unsigned char *)0x1000000;
-	if (is_secure_boot_enabled()) {
+	if (IS_FEAT_BOOT_VERIFY()) {
 
-	if (is_dtb_encrypt(buffer)) {
 		memcpy(sbuffer, buffer, AML_DTB_IMG_MAX_SZ);
 		flush_cache((unsigned long)sbuffer, AML_DTB_IMG_MAX_SZ);
 		ret = aml_sec_boot_check(AML_D_P_IMG_DECRYPT, (long unsigned)sbuffer, AML_DTB_IMG_MAX_SZ, 0);
@@ -280,8 +258,6 @@ int check_valid_dts(unsigned char *buffer)
 		memcpy(buffer, sbuffer + nCheckOffset, AML_DTB_IMG_MAX_SZ);
 
 	}
-
-	}
 #ifdef CONFIG_MULTI_DTB
 	dt_addr = (char *)get_multi_dt_entry((unsigned long)buffer);
 #else
diff --git a/common/cmd_bootm.c b/common/cmd_bootm.c
index b78b2e2..860a0a8 100644
--- a/common/cmd_bootm.c
+++ b/common/cmd_bootm.c
@@ -29,6 +29,8 @@
 #endif
 #include <asm/arch/secure_apb.h>
 
+#include <amlogic/aml_efuse.h>
+
 DECLARE_GLOBAL_DATA_PTR;
 
 #if defined(CONFIG_CMD_IMI)
@@ -94,12 +96,6 @@ static int do_bootm_subcommand(cmd_tbl_t *cmdtp, int flag, int argc,
 	return ret;
 }
 
-static int is_secure_boot_enabled(void)
-{
-	const unsigned long cfg10 = readl(AO_SEC_SD_CFG10);
-	return ( cfg10 & (0x1<< 4) );
-}
-
 /*******************************************************************/
 /* bootm - boot application image from image in memory */
 /*******************************************************************/
@@ -254,7 +250,7 @@ int do_bootm(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
 #endif
 #endif//#ifndef CONFIG_AML_SIGNED_UBOOT
 
-	if (is_secure_boot_enabled())
+	if (IS_FEAT_BOOT_VERIFY())
 	{
 		/* Override load address argument to skip secure boot header (512).
 		* Only skip if secure boot so normal boot can use plain boot.img+		 */
diff --git a/common/cmd_imgread.c b/common/cmd_imgread.c
index 1bb3330..ebf230d 100644
--- a/common/cmd_imgread.c
+++ b/common/cmd_imgread.c
@@ -18,6 +18,8 @@
 #include <asm/arch/secure_apb.h>
 #include <libfdt.h>
 
+#include <amlogic/aml_efuse.h>
+
 typedef struct andr_img_hdr boot_img_hdr;
 
 #define debugP(fmt...) //printf("[Dbg imgread]L%d:", __LINE__),printf(fmt)
@@ -78,12 +80,6 @@ typedef struct{
 #define COMPILE_TYPE_ASSERT(expr, t)       typedef char t[(expr) ? 1 : -1]
 COMPILE_TYPE_ASSERT(2048 >= sizeof(AmlSecureBootImgHeader), _cc);
 
-static int is_secure_boot_enabled(void)
-{
-    const unsigned long cfg10 = readl(AO_SEC_SD_CFG10);
-    return ( cfg10 & (0x1<< 4) );
-}
-
 static int is_andr_9_image(void* pBuffer)
 {
     int nReturn = 0;
@@ -121,7 +117,7 @@ static int _aml_get_secure_boot_kernel_size(const void* pLoadaddr, unsigned* pTo
     unsigned int nBlkCnt = 0;
     const t_aml_enc_blk* pBlkInf = NULL;
     unsigned char *pAndHead = (unsigned char *)pLoadaddr;
-    unsigned int isSecure = is_secure_boot_enabled();
+    unsigned int isSecure = IS_FEAT_BOOT_VERIFY();
 
     rc = __LINE__;
 
diff --git a/drivers/efuse/Makefile b/drivers/efuse/Makefile
index 83988eb..164c1b8 100644
--- a/drivers/efuse/Makefile
+++ b/drivers/efuse/Makefile
@@ -22,6 +22,7 @@
 #
 
 obj-$(CONFIG_EFUSE) += efuse.o
+obj-$(CONFIG_EFUSE) += aml_efuse.o
 ifdef CONFIG_OF_LIBFDT
 obj-$(CONFIG_EFUSE) += efuse_usr_space_api.o
 endif
diff --git a/drivers/efuse/aml_efuse.c b/drivers/efuse/aml_efuse.c
new file mode 100644
index 0000000..c4e6887
--- a/dev/null
+++ b/drivers/efuse/aml_efuse.c
@@ -0,0 +1,72 @@
+/*
+ * Copyright (C) 2014-2018 Amlogic, Inc. All rights reserved.
+ *
+ * All information contained herein is Amlogic confidential.
+ *
+ * This software is provided to you pursuant to Software License Agreement
+ * (SLA) with Amlogic Inc ("Amlogic"). This software may be used
+ * only in accordance with the terms of this agreement.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification is strictly prohibited without prior written permission from
+ * Amlogic.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+/*
+ *
+ * Copyright (C) 2018 Amlogic, Inc. All rights reserved.
+*/
+
+#include <common.h>
+#include <asm/arch/io.h>
+#include <amlogic/aml_efuse.h>
+#include <asm/arch/secure_apb.h>
+
+//weak function for EFUSE license query
+//all following functions are defined with "weak" for customization of each SoC
+//EFUSE_LICX	--> AO_SEC_SD_CFG10/9 --> EFUSE mirror
+int  __attribute__((weak)) IS_FEAT_BOOT_VERIFY(void)
+{
+	#ifndef ADDR_IS_FEAT_BOOT_VERIFY
+	  #ifdef EFUSE_LIC0
+		  #define ADDR_IS_FEAT_BOOT_VERIFY (EFUSE_LIC0)
+		  #define OSET_IS_FEAT_BOOT_VERIFY (0)
+	  #else
+		  #define ADDR_IS_FEAT_BOOT_VERIFY (AO_SEC_SD_CFG10)
+		  #define OSET_IS_FEAT_BOOT_VERIFY (4)
+	  #endif
+	#endif
+
+	return ((readl(ADDR_IS_FEAT_BOOT_VERIFY) >> OSET_IS_FEAT_BOOT_VERIFY) & 1);
+
+	#undef ADDR_IS_FEAT_BOOT_VERIFY
+	#undef OSET_IS_FEAT_BOOT_VERIFY
+}
+int  __attribute__((weak)) IS_FEAT_BOOT_ENCRYPT(void)
+{
+	#ifndef ADDR_IS_FEAT_BOOT_ENCRYPT
+	  #ifdef EFUSE_LIC0
+		#define ADDR_IS_FEAT_BOOT_ENCRYPT (EFUSE_LIC0)
+		#define OSET_IS_FEAT_BOOT_ENCRYPT (1)
+	  #else
+		#define ADDR_IS_FEAT_BOOT_ENCRYPT (AO_SEC_SD_CFG10)
+		#define OSET_IS_FEAT_BOOT_ENCRYPT (28)
+	  #endif
+	#endif
+
+	return ((readl(ADDR_IS_FEAT_BOOT_ENCRYPT) >> OSET_IS_FEAT_BOOT_ENCRYPT) & 1);
+
+	#undef ADDR_IS_FEAT_BOOT_ENCRYPT
+	#undef OSET_IS_FEAT_BOOT_ENCRYPT
+}
diff --git a/drivers/keymanage/km_efuse_key.c b/drivers/keymanage/km_efuse_key.c
index ded4a51..d71b0ef 100644
--- a/drivers/keymanage/km_efuse_key.c
+++ b/drivers/keymanage/km_efuse_key.c
@@ -13,6 +13,8 @@
 #include <asm/arch/secure_apb.h>
 #include <asm/io.h>
 
+#include <amlogic/aml_efuse.h>
+
 #define SECURE_BOOT_KEY_NAME    "secure_boot_set"
 
 extern int efuse_usr_api_init_dtb(const char*  dt_addr);
@@ -91,9 +93,9 @@ int keymanage_efuse_exist(const char* keyname)
 
         if (!strcmp(SECURE_BOOT_KEY_NAME, keyname))
         {
-                const unsigned long cfg10 = readl(AO_SEC_SD_CFG10);
+                const unsigned long cfg10 = IS_FEAT_BOOT_VERIFY();
                 KM_MSG("cfg10=0x%lX\n", cfg10);
-                return ( cfg10 & (0x1<< 4) );
+                return ( cfg10 );
         }
         else
         {
diff --git a/drivers/usb/gadget/v2_burning/v2_sdc_burn/optimus_sdc_burn.c b/drivers/usb/gadget/v2_burning/v2_sdc_burn/optimus_sdc_burn.c
index 2e4a68c..16cb239 100644
--- a/drivers/usb/gadget/v2_burning/v2_sdc_burn/optimus_sdc_burn.c
+++ b/drivers/usb/gadget/v2_burning/v2_sdc_burn/optimus_sdc_burn.c
@@ -14,6 +14,8 @@
 #include <asm/arch/secure_apb.h>
 #include <asm/io.h>
 
+#include <amlogic/aml_efuse.h>
+
 static int is_bootloader_old(void)
 {
     int sdc_boot = is_tpl_loaded_from_ext_sdmmc();
@@ -325,13 +327,6 @@ int optimus_report_burn_complete_sta(int isFailed, int rebootAfterBurn)
     return 0;
 }
 
-static int _check_if_secureboot_enabled(void)
-{
-    const unsigned long cfg10 = readl(AO_SEC_SD_CFG10);
-    DWN_MSG("cfg10=0x%lX\n", cfg10);
-    return ( cfg10 & (0x1<< 4) );
-}
-
 int optimus_sdc_burn_dtb_load(HIMAGE hImg)
 {
     s64 itemSz = 0;
@@ -342,7 +337,7 @@ int optimus_sdc_burn_dtb_load(HIMAGE hImg)
     unsigned char* dtbTransferBuf     = (unsigned char*)partBaseOffset;
 
     //meson1.dtb but not meson.dtb for m8 compatible
-    if (_check_if_secureboot_enabled()) {
+    if (IS_FEAT_BOOT_VERIFY()) {
         DWN_MSG("SecureEnabled, use meson1_ENC\n");
         hImgItem = image_item_open(hImg, partName, "meson1_ENC");
     }
diff --git a/include/amlogic/aml_efuse.h b/include/amlogic/aml_efuse.h
new file mode 100644
index 0000000..72ce961
--- a/dev/null
+++ b/include/amlogic/aml_efuse.h
@@ -0,0 +1,70 @@
+
+/*
+ *
+ * Copyright (C) 2018 Amlogic, Inc. All rights reserved.
+*/
+
+#ifndef __BL2_EFUSE_H__
+#define __BL2_EFUSE_H__
+
+#if 0
+//just keep following CFG10/9 for new API implement
+#define IS_FEAT_USB_PD_CHK_ENABLE()   (readl(AO_SEC_SD_CFG10) & (1 << 1))
+#define IS_FEAT_THERMAL_CALIBRATED()  (readl(AO_SEC_SD_CFG10) & (1 << 2))
+#define IS_FEAT_BOOT_VERIFY()         (readl(AO_SEC_SD_CFG10) & (1 << 4))
+#define IS_FEAT_ROOT_KEY_BURNED()     (readl(AO_SEC_SD_CFG10) & (1 << 5))
+#define IS_FEAT_PLL_SET_BURNED()      (readl(AO_SEC_SD_CFG10) & (1 << 6))
+#define IS_FEAT_M3_PLL_ENABLE()       (readl(AO_SEC_SD_CFG10) & (1 << 7))
+#define IS_FEAT_M4_PLL_ENABLE()       (readl(AO_SEC_SD_CFG10) & (1 << 7))
+#define IS_FEAT_A53_PLL_ENABLE()      (readl(AO_SEC_SD_CFG10) & (1 << 8))
+#define IS_FEAT_NAMD_EXT_CMD_BURNED() (readl(AO_SEC_SD_CFG10) & (1 << 9))
+#define IS_FEAT_JTG_PD_CHK_ENABLE()   (readl(AO_SEC_SD_CFG10) & (1 << 11))
+#define IS_FEAT_JTG_ENABLE()          (readl(AO_SEC_SD_CFG10) & (1 << 12))
+#define IS_FEAT_CHIP_ID_BURNED        (readl(AO_SEC_SD_CFG10) & (1 << 13))
+#define IS_FEAT_DTS_ENABLE            (readl(AO_SEC_SD_CFG10) & (1 << 14))
+#define IS_FEAT_DISK_ENC_ENABLE       (readl(AO_SEC_SD_CFG10) & (1 << 15))
+#define IS_FEAT_DOLBY_AUDIO_ENABLE    (readl(AO_SEC_SD_CFG10) & (1 << 16))
+#define IS_FEAT_SCN_PD_CHK_ENABLE     (readl(AO_SEC_SD_CFG10) & (1 << 17))
+#define IS_FEAT_USB_BOOT_ENABLE       (readl(AO_SEC_SD_CFG10) & (1 << 19))
+#define IS_FEAT_SPI_BOOT_ENABLE       (readl(AO_SEC_SD_CFG10) & (1 << 20))
+#define IS_FEAT_RECOVERY_BOOT_ENABLE  (readl(AO_SEC_SD_CFG10) & (1 << 21))
+#define IS_FEAT_SD_BOOT_ENABLE        (readl(AO_SEC_SD_CFG10) & (1 << 22))
+#define IS_FEAT_NAND_EMMC_BOOT_ENABLE (readl(AO_SEC_SD_CFG10) & (1 << 23))
+#define IS_FEAT_ANTIROLLBACK_ENABLE   (readl(AO_SEC_SD_CFG10) & (1 << 25))
+#define IS_FEAT_BOOT_ENCRYPT()        (readl(AO_SEC_SD_CFG10) & (1 << 28))
+#define IS_FEAT_A53_L1_ENABLE()       (readl(AO_SEC_SD_CFG10) & (1 << 29))
+#define IS_FEAT_KEY_LDR_INIT()        (readl(AO_SEC_SD_CFG10) & (1 << 30))
+#define IS_FEAT_AP_COLD_BOOT_LOCK()   (readl(AO_SEC_SD_CFG10) & (1 << 31))
+#define IS_FEAT_BOOT_M3_ENCRYPT()     (readl(AO_SEC_SD_CFG9) & (1 << 5))
+#define IS_FEAT_BOOT_M4_ENCRYPT()     (readl(AO_SEC_SD_CFG9) & (1 << 6))
+#define IS_FEAT_NAND_BL2_BKP_RETRY()  (readl(AO_SEC_SD_CFG9) & (1 << 10))
+#define IS_FEAT_EMMC_BL2_BKP_RETRY()  (readl(AO_SEC_SD_CFG9) & (1 << 11))
+#define IS_FEAT_SCAN_DISABLE()        (readl(AO_SEC_SD_CFG9) & (1 << 12))
+#define IS_FEAT_NAND_128P_DISABLE()   (readl(AO_SEC_SD_CFG9) & (1 << 13))
+#define IS_FEAT_EMMC_LAST_ENABLE()    (readl(AO_SEC_SD_CFG9) & (1 << 14))
+#define IS_FEAT_HIGH_USB_ENABLE()     (readl(AO_SEC_SD_CFG9) & (1 << 15))
+#define IS_FEAT_BOOT_M3_VERIFY()      (readl(AO_SEC_SD_CFG9) & (1 << 16))
+#define IS_FEAT_BOOT_M4_VERIFY()      (readl(AO_SEC_SD_CFG9) & (1 << 17))
+#define IS_FEAT_CORNOR_INFO_BURNED()  (readl(AO_SEC_SD_CFG9) & (1 << 19))
+#define IS_FEAT_SCK_BURNED()          (readl(AO_SEC_SD_CFG9) & (1 << 20))
+#define IS_FEAT_BLK0_WR_LOCKED()      (readl(AO_SEC_SD_CFG9) & (1 << 21))
+#define IS_FEAT_M4_DISABLE()          (readl(AO_SEC_SD_CFG9) & (1 << 22))
+#define IS_FEAT_M4_SP_MODE_ENABLE()   (readl(AO_SEC_SD_CFG9) & (1 << 23))
+#define IS_FEAT_A53_CLK_12G()         (readl(AO_SEC_SD_CFG9) & (1 << 24))
+#define IS_FEAT_A53_CLK_15G()         (readl(AO_SEC_SD_CFG9) & (1 << 25))
+#define IS_FEAT_A53_CLK_20G()         (readl(AO_SEC_SD_CFG9) & (1 << 26))
+#define IS_FEAT_USB_PLL_ENABLE()      (readl(AO_SEC_SD_CFG9) & (1 << 27))
+#define IS_FEAT_RMA_ENABLE()          (readl(AO_SEC_SD_CFG9) & (1 << 28))
+#define IS_FEAT_OPS_CLI_BURNED()      (readl(AO_SEC_SD_CFG9) & (1 << 29))
+#define IS_FEAT_M4_UNLOCK_ENABLE()    (readl(AO_SEC_SD_CFG9) & (1 << 31))
+#define IS_FEAT_DISABLE_PRINT()       (readl(EFUSE_LIC0) & (1 << 22)))
+#endif
+
+//weak function for each SoC implement
+//Unify EFUSE license query API
+//all following functions are defined with "weak" for customization of each SoC
+//EFUSE_LICX	--> AO_SEC_SD_CFG10/9 --> EFUSE mirror
+int IS_FEAT_BOOT_VERIFY(void);
+int IS_FEAT_BOOT_ENCRYPT(void);
+
+#endif /* __BL2_EFUSE_H__ */