After a lot of reading on Allwinner's secure boot documents and source code, I find something interesting:
1. An old thread
Spitfire says after he flashes all 0xff to H3's rotpk efuse, it boots. Efuse is OTP, I can not revert my efuse to 0, but I should be able to flash it again to all 0xff. Hope it also works for H6.
2. There is a kernel driver sunxi-sysinfo in the 3.10 kernel source code which matches my board:
https://gitee.com/nnxr/H6-BSP3.1…r/sunxi-sysinfo
This driver exposes a file device /dev/sunxi_soc_info and 2 chararcter classes /sys/class/sys_info + /sys/class/key_info
I tested on my board, all 3 works fine. I can get all information it is designed to give. Write function is not exposed.
This driver uses standard arm instruction "smc #0" to switch from EL1(Kernel) to EL3(TEE).
3. I find a EL3 smc handler source code of Allwinner
https://github.com/Allwinner-Homl…vc_setup.c#L221
If my board's EL3 firmware is compiled from this source code, that means I should be able to invoke smc command ARM_SVC_EFUSE_WRITE to write efuse.
4. My board does not check Kmod's signature. So I can modify this sunxi-sysinfo driver, add some new API to invoke a smc call to write all 0xff to rotpk, compile and insmod to run it..
5. If I succeeded, stock fw would be dead because sunxi spl only ignores rotpk if it is all 0 when it switches to uboot:
https://github.com/Allwinner-Homl…rom_main.c#L591
Mainline uboot-with-spl should be OK because it uses other security design.
Of course if the chip planted sbrom is doing the same thing as this spl sbrom, the board would be a brick..