fix(bootloader): self encryption workflow in bootloader not working on C5

Added explicit wait for key manager state to be idle before configuring
the register for flash encryption key usage from efuse. This now ensures
that flash contents are encrypted using efuse programmed key.

Also refactored code a bit to move into target specific directory.

components/bootloader_support/src/esp32p4/flash_encryption_secure_features.c

@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2022-2023 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2022-2024 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -11,6 +11,8 @@
 #include "esp_efuse_table.h"
 #include "esp_log.h"
 #include "sdkconfig.h"
+#include "hal/key_mgr_ll.h"
+#include "hal/mspi_timing_tuning_ll.h"
 
 static __attribute__((unused)) const char *TAG = "flash_encrypt";
 
@@ -48,3 +50,22 @@ esp_err_t esp_flash_encryption_enable_secure_features(void)
 
     return ESP_OK;
 }
+
+esp_err_t esp_flash_encryption_enable_key_mgr(void)
+{
+    // Enable and reset key manager
+    // To suppress build errors about spinlock's __DECLARE_RCC_ATOMIC_ENV
+    int __DECLARE_RCC_ATOMIC_ENV __attribute__ ((unused));
+    key_mgr_ll_enable_bus_clock(true);
+    key_mgr_ll_enable_peripheral_clock(true);
+    key_mgr_ll_reset_register();
+
+    while (key_mgr_ll_get_state() != ESP_KEY_MGR_STATE_IDLE) {
+    };
+
+    // Force Key Manager to use eFuse key for XTS-AES operation
+    key_mgr_ll_set_key_usage(ESP_KEY_MGR_XTS_AES_128_KEY, ESP_KEY_MGR_USE_EFUSE_KEY);
+    _mspi_timing_ll_reset_mspi();
+
+    return ESP_OK;
+}