Last edited 2 weeks ago

STM32MP21 OTP mapping


1. Memory mapping[edit | edit source]

The table below gives an overview of the BSEC OTP memory mapping with useful information in the context of this Wiki reading. It gives the global mapping view including the SoC restricted layout (immutable) and the additional ecosystem choice that is used with OpenSTLinux ecosystem.
OTP words 0 to 127 are called lower OTP and are bit wise programmable.
OTP words 128 to 255 are called middle OTP and are bulk programmable.
OTP words 256 to 383 are called upper OTP and are bulk programmable. These OTP are the one where sensitive information (such as password or private keys) must be stored.

Further information for the words and fields that are not explicitly described here can be found in the reference manual.


OTP word Bit field (size) Name Description
Lower OTP region
0 OTP_HW_WORD0 OTP Check Word (virgin -> non virgin)
1 OTP_HW_WORD1 OTP Security word to close security state BSECXW
2 OTP_HW_WORD2 OTP Word for re-opening via RMA password : RMA bits
3 OTP_HW_WORD3 OTP Word for re-opening via RMA password : RMA tries bits
4 OTP_HW_WORD4 OTP word for TK Retries (ECIES)
5 ID0 ID0 for Engineering purposes
6 ID1 ID1 for Engineering purposes
7 ID2 ID2 for Engineering purposes
8 Reserved
9 RPN_CODING STM32MP21 Reference Manuals
10

BOOTROM_CONFIG_1

0-0 (1 bit) chip cpbk y sign Chip Public key sign of Y
1-1 (1 bit) stkeyprov ecies ok Status of ECIES ST key provisionning when it was attempted.
2-2 (1 bit) stkeyprov hwkey done ST HW Key provisionning done
10-3 (8 bits) security counter security counter involved in productID for chip certificate verification by HSM-OEM in RSSe_prov context
14-11 (4 bits) st pub key id ST ECDSA Public Key ID (ST Key Instance fuse part) involved in productID for chip certificate verification by HSM-OEM in RSSe_prov context
22-15 (8 bits) rssefw active signing key 8 possible ST public keys (ST key revocation feature for RSSe_FW authentication)
28-23 (6 bits) nb added stsecrets Number of additional ST secrets words provisionned
31-29 (3 bits) Reserved -
11

BOOTROM_CONFIG_2

0-0 (1 bit) Reserved
1-1 (1 bit) sdmmc1 not default af SDMMC1 default Afmux usage
2-2 (1 bit) sdmmc2 not default af SDMMC2 default Afmux usage
4-3 (2 bits) Reserved
5-5 (1 bit) no cpu pll CPU PLL usage
9-6 (4 bits) Reserved
14-10 (5 bits) disable uart Disable UART instances
15-15 (1 bit) no data cache Data cache usage
23-16 (8 bits) boot source disable Each bit disable a boot source.

Default to UART if all disabled.

25-24 (2 bits) bootpins layout sel Bootpins layout selection
29-26 (4 bits) boot source sel Boot source selection
30-30 (1 bit) dont boot on cfm tamper Disable boot on confirmed tamper feature
31-31 (1 bit) Reserved
12

BOOTROM_CONFIG_3

BOOTROM / FSBL-A version monotonic counter
13

BOOTROM_CONFIG_4

7-0 (8 bits) Reserved
11-8 (4 bits) RNG configuration 3 STM32MP21 Reference Manuals (RNG CR register)
12 (1 bit) NIST custom STM32MP21 Reference Manuals (RNG CR register)
15-13 (3 bits) RNG configuration 2 STM32MP21 Reference Manuals (RNG CR register)
19-16 (4 bits) Clock divider factor STM32MP21 Reference Manuals (RNG CR register)
27-20 (8 bits) RNG configuration 2 STM32MP21 Reference Manuals (RNG CR register)
31-28 (4 bits) Reserved
14

BOOTROM_CONFIG_5

17 -0 (18 bits) RNG health test control configuration (HTCR0) STM32MP21 Reference Manuals (RNG HTCR0 register)
31-18 (14 bits) Reserved
15

BOOTROM_CONFIG_6

8-0 (9 bits) RNG noise source control STM32MP21 Reference Manuals (RNG NSCR register)
31-10 (22 bits) Reserved
16

BOOTROM_CONFIG_7

0-0 (1 bit) disable traces Disable bootROM traces
1-1 (1 bit) disable hse freq detect Disable HSE frequency autodetection
2-2 (1 bit) disable hse bypass detect Disable HSE bypass detection
3-3 (1 bit) disable blocking failure traces Disable traces done by blocking failure process
4-4 (1 bit) a35 mode Select a35 architecture mode
5-5 (1 bit) fmc force sw reset FMC is used by CA35 to connect a NAND and by CM33 to connect a NOR or PSRAM
6-6 (1 bit) emergency debug req Emergency debug request
7-7 (1 bit) emmc 128k boot partition Support eMMC with 128Kb boot partition
8-8 (1 bit) fsbl decrypt prio FSBL decryption priority (speed or security)
9-9 (1 bit) Reserved
10-10 (1 bit) Reserved
13-11 (3 bits) HSE value HSE value
14-14 (1 bit) snand need plane select 1 NAND parameters bank1 - Serial NAND plane selection
17-15 (3 bits) pnand number of ecc bits 1 NAND parameters bank1 - Number of Error Correction Code (ECC) bits
18-18 (1 bit) pnand bus width 1 NAND parameters bank1 - Parallel NAND data witdh
26-19 (8 bits) nand nb of blocks 1 NAND parameters bank1 - Number of blocks in unit of 256 blocks
28-27 (2 bits) nand block size 1 NAND parameters bank1 - Block size in number of pages
30-29 (2 bits) nand page size 1 NAND parameters bank1 - Page size
31-31 (1 bit) pnand param stored in otp Parallel NAND parameters stored in OTP bank1 or bank2
17

BOOTROM_CONFIG_8

7-0 (8 bits) oem active signing key1 8 possible OEM public keys (OEM key revocation feature for OEM-FSBL authentication)
8-8 (1 bit) oem keys2 enable Enable second ECDSA OEM key set for FSBL-M authentication and decryption[fsblm-keys 1]
31-16 (16 bits) Reserved
18

BOOTROM_CONFIG_9

3-0 (4 bits) secure boot Enable enforced secure boot
7-4 (4 bits) prov done RSSE provisioning done
11-8 (4 bits) debug lock Lock debug enabling until next reset when chip is CLOSED-LOCKED
15-12 (4 bits) otp prov done RSSe OTP provisioning done
21-16 (6 bits) Reserved
22-22 (1 bit) ns epoch enable Enable non secure EPOCH use
26-23 (4 bits) fingerprint enable Enable fingerprint feature
31-27 (5 bits) free for future use
19

BOOTROM_CONFIG_10

31-0 (32 bits) fsblm_monotonic BOOTROM / OEM-FSBLM version monotonic counter
20

BOOTROM_CONFIG_11

0-0 (1 bit) nand config distribution NAND configurations distribution
1-1 (1 bit) snand need plane select 2 idem BOOTROM_CONFIG_7.snand_need_plane_select_1
4-2 (3 bits) pnand number of ecc bits 2 idem BOOTROM_CONFIG_7.pnand_number_of_ecc_bits_1
5-5 (1 bit) pnand bus width 2 idem BOOTROM_CONFIG_7.pnand_bus_width_1
13-6 (8 bits) nand nb of blocks 2 idem BOOTROM_CONFIG_7.nand_nb_of_blocks_1
15-14 (2 bits) nand block size 2 idem BOOTROM_CONFIG_7.nand_block_size_1
17-16 (2 bits) nand page size 2 idem BOOTROM_CONFIG_7.nand_page_size_1
18-18 (1 bit) hyperflash 3V3 device is HyperFlash a 3.3V device
21-19 (3 bits) rng htcr value RNG HTCR value
22-22 (1 bit) ospi io speed ovrw OSPI IO speed overwrite enable
24-23 (2 bits) ospi io speed clk nclk OSPI IO speed of clk nclk IO
25-24 (2 bits) ospi io speed data cs OSPI IO speed of CS IO
31-26 (6 bits) Reserved
21

BOOTROM_CONFIG_12

31-0 (32 bits) rsse_monotonic BOOTROM / RSSe FW version monotonic counter
22

BOOTROM_CONFIG_13

7-0 (8 bits) oem active signing key2 8 possible OEM public keys (OEM key revocation feature for OEM-FSBL authentication)
31-8 (24 bits) Reserved
23 H32ENCPRVKEY BOOTROM / Hash of E1CPvK
24 31-0 (32 bits) BOOTROM TZ EPOCH0 Secure side Epoch counter
25 31-0 (32 bits) BOOTROM TZ EPOCH1
26 31-0 (32 bits) BOOTROM TZ EPOCH2
27 31-0 (32 bits) BOOTROM TZ EPOCH3
28 31-0 (32 bits) BOOTROM TZ EPOCH4
29 31-0 (32 bits) BOOTROM TZ EPOCH5
30 31-0 (32 bits) BOOTROM TZ EPOCH6
31 31-0 (32 bits) BOOTROM TZ EPOCH7
32 31-0 (32 bits) BOOTROM NS EPOCH0 Non Secure Epoch counter
33 31-0 (32 bits) BOOTROM NS EPOCH1
34 31-0 (32 bits) BOOTROM NS EPOCH2
35 31-0 (32 bits) BOOTROM NS EPOCH3
36 31-0 (32 bits) BOOTROM NS EPOCH4
37 31-0 (32 bits) BOOTROM NS EPOCH5
38 31-0 (32 bits) BOOTROM NS EPOCH6
39 31-0 (32 bits) BOOTROM NS EPOCH7
40 Available for customer
41 Available for customer
42 Available for customer
43 Available for customer
44 Available for customer
45 Available for customer
46 Available for customer
47 Available for customer
48 Available for customer
49 Available for customer
50 Available for customer
51 Available for customer
52 Available for customer
53 Available for customer
54 Available for customer
55 Available for customer
56 Available for customer
57 Available for customer
58 Available for customer
59 Available for customer
60 Available for customer
61 Available for customer
62 Available for customer
63 Available for customer
64 Available for customer
65 Available for customer
66 Available for customer
67 Available for customer
68 Available for customer
69 Available for customer
70 Available for customer
71 Available for customer
72 Available for customer
73 Available for customer
74 Available for customer
75 Available for customer
76 Available for customer
77 Available for customer
78 Available for customer
79 Available for customer
80 Available for customer
81 Available for customer
82 Available for customer
83 Available for customer
84 Available for customer
85 Available for customer
86 Available for customer
87 Available for customer
88 Available for customer
89 Available for customer
90 Available for customer
91 Available for customer
92 Available for customer
93 Available for customer
94 Available for customer
95 Available for customer
96 Available for customer
97 Available for customer
98 Available for customer
99 Available for customer
100 Available for customer
101 ADAC_SOC_MASK Control the maximum debug level possible via ADAC
102 ID STM32MP21 Reference Manuals
103 CRC_HSM
104 CAL1 STM32MP21 Reference Manuals
105 Reserved
106 CAL3 STM32MP21 Reference Manuals
107 Reserved
108 CAL5 STM32MP21 Reference Manuals
109 Reserved
110 CAL7 STM32MP21 Reference Manuals
111 Reserved
112 ENGI1 Engineering
113 ENGI2 Engineering
114 ENGI3 Engineering
115 ENGI4 Engineering
116 ENGI5 Engineering
117 ENGI6 Engineering
118 ENGI7 Engineering
119 ENGI8 Engineering
120 ATRIM1 STM32MP21 Reference Manuals
121 ATRIM2 STM32MP21 Reference Manuals
122 ATRIM3 STM32MP21 Reference Manuals
123 ATRIM4 STM32MP21 Reference Manuals
124 HCONF1 STM32MP21 Reference Manuals
125 MREPAIR1
126 MREPAIR2
127 MREPAIR3
Middle OTP region
128 31-0 (32 bits) STM32CERTIF0 STM32 chip certificate (public key)[key-formats 1]
129 31-0 (32 bits) STM32CERTIF1
130 31-0 (32 bits) STM32CERTIF2
131 31-0 (32 bits) STM32CERTIF3
132 31-0 (32 bits) STM32CERTIF4
133 31-0 (32 bits) STM32CERTIF5
134 31-0 (32 bits) STM32CERTIF6
135 31-0 (32 bits) STM32CERTIF7
136 31-0 (32 bits) STM32CERTIF8
137 31-0 (32 bits) STM32CERTIF9
138 31-0 (32 bits) STM32CERTIF10
139 31-0 (32 bits) STM32CERTIF11
140 31-0 (32 bits) STM32CERTIF12
141 31-0 (32 bits) STM32CERTIF13
142 31-0 (32 bits) STM32CERTIF14
143 31-0 (32 bits) STM32CERTIF15
144 31-0 (32 bits) STM32CERTIF16
145 31-0 (32 bits) STM32CERTIF17
146 31-0 (32 bits) STM32CERTIF18
147 31-0 (32 bits) STM32CERTIF19
148 31-0 (32 bits) STM32CERTIF20
149 31-0 (32 bits) STM32CERTIF21
150 31-0 (32 bits) STM32CERTIF22
151 31-0 (32 bits) STM32CERTIF23
152 31-0 (32 bits) OEM KEY1 ROT0 OEM Key1 Root of Trust Hash[key-formats 1][fsblm-keys 1]
153 31-0 (32 bits) OEM KEY1 ROT1
154 31-0 (32 bits) OEM KEY1 ROT2
155 31-0 (32 bits) OEM KEY1 ROT3
156 31-0 (32 bits) OEM KEY1 ROT4
157 31-0 (32 bits) OEM KEY1 ROT5
158 31-0 (32 bits) OEM KEY1 ROT6
159 31-0 (32 bits) OEM KEY1 ROT7
160 31-0 (32 bits) OEM KEY2 ROT0 OEM Key2 Root of Trust Hash[key-formats 1][fsblm-keys 1]
161 31-0 (32 bits) OEM KEY2 ROT1
162 31-0 (32 bits) OEM KEY2 ROT2
163 31-0 (32 bits) OEM KEY2 ROT3
164 31-0 (32 bits) OEM KEY2 ROT4
165 31-0 (32 bits) OEM KEY2 ROT5
166 31-0 (32 bits) OEM KEY2 ROT6
167 31-0 (32 bits) OEM KEY2 ROT7
168 31-0 (32 bits) STM32PUBKEY0 STM32 chip public key[key-formats 1]
169 31-0 (32 bits) STM32PUBKEY1
170 31-0 (32 bits) STM32PUBKEY2
171 31-0 (32 bits) STM32PUBKEY3
172 31-0 (32 bits) STM32PUBKEY4
173 31-0 (32 bits) STM32PUBKEY5
174 31-0 (32 bits) STM32PUBKEY6
175 31-0 (32 bits) STM32PUBKEY7
176 31-0 (32 bits) STM32PUBKEY8
177 31-0 (32 bits) STM32PUBKEY9
178 31-0 (32 bits) STM32PUBKEY10
179 31-0 (32 bits) STM32PUBKEY11
A35-TD flavor More info green.png M33-TD flavor More info green.png
Name Description Name Description
180 RPROC-FW-PKH_0 Hash of the Public Key for remote processor firmware[key-formats 2] Available for customer
181 RPROC-FW-PKH_1 Available for customer
182 RPROC-FW-PKH_2 Available for customer
183 RPROC-FW-PKH_3 Available for customer
184 RPROC-FW-PKH_4 Available for customer
185 RPROC-FW-PKH_5 Available for customer
186 RPROC-FW-PKH_6 Available for customer
187 RPROC-FW-PKH_7 Available for customer
A35-TD flavor More info green.png M33-TD flavor More info green.png
Name Description Name Description
188 Available for customer FSBLM-M33-FW-PKH_0 Hash of the Public Key for M33TDCID M33 Firmware[key-formats 2]
189 Available for customer FSBLM-M33-FW-PKH_1
190 Available for customer FSBLM-M33-FW-PKH_2
191 Available for customer FSBLM-M33-FW-PKH_3
192 Available for customer FSBLM-M33-FW-PKH_4
193 Available for customer FSBLM-M33-FW-PKH_5
194 Available for customer FSBLM-M33-FW-PKH_6
195 Available for customer FSBLM-M33-FW-PKH_7
A35-TD flavor More info green.png M33-TD flavor More info green.png
Name Description Name Description
196 Available for customer FSBLM-DDR-FW-PKH_0 Hash of the Public Key for M33TDCID DDR Firmware[key-formats 2]
197 Available for customer FSBLM-DDR-FW-PKH_1
198 Available for customer FSBLM-DDR-FW-PKH_2
199 Available for customer FSBLM-DDR-FW-PKH_3
200 Available for customer FSBLM-DDR-FW-PKH_4
201 Available for customer FSBLM-DDR-FW-PKH_5
202 Available for customer FSBLM-DDR-FW-PKH_6
203 Available for customer FSBLM-DDR-FW-PKH_7
A35-TD flavor More info green.png M33-TD flavor More info green.png
Name Description Name Description
204 Available for customer FSBLM-A35-FW-PKH_0 Hash of the Public Key for M33TDCID A35 bare metal Firmware[key-formats 2]
205 Available for customer FSBLM-A35-FW-PKH_1
206 Available for customer FSBLM-A35-FW-PKH_2
207 Available for customer FSBLM-A35-FW-PKH_3
208 Available for customer FSBLM-A35-FW-PKH_4
209 Available for customer FSBLM-A35-FW-PKH_5
210 Available for customer FSBLM-A35-FW-PKH_6
211 Available for customer FSBLM-A35-FW-PKH_7
212 Available for customer
213 Available for customer
214 Available for customer
215 Available for customer
216 Available for customer
217 Available for customer
218 Available for customer
219 Available for customer
220 Available for customer
221 Available for customer
222 Available for customer
223 Available for customer
224 Available for customer
225 Available for customer
226 Available for customer
227 Available for customer
228 Available for customer
229 Available for customer
230 Available for customer
231 Available for customer
232 Available for customer
233 Available for customer
234 Available for customer
235 Available for customer
236 Available for customer
237 Available for customer
238 OEM ADAC ROTPK HASH0 OEM ADAC key Root of Trust Hash
239 OEM ADAC ROTPK HASH1
240 OEM ADAC ROTPK HASH2
241 OEM ADAC ROTPK HASH3
242 OEM ADAC ROTPK HASH4
243 OEM ADAC ROTPK HASH5
244 OEM ADAC ROTPK HASH6
245 OEM ADAC ROTPK HASH7
246 ST_BOARD_ID Identifier for ST boards (available to customer on chip)
247 MAC_ADDR_0 Mac address [coding 1]
248 MAC_ADDR_1 Mac address [coding 1]
249 MAC_ADDR_2 Mac address [coding 1]
250 MAC_ADDR_3 Mac address [coding 1]
251 MAC_ADDR_4 Mac address [coding 1]
252 MAC_ADDR_5 Mac address [coding 1]
253 MAC_ADDR_6 Mac address [coding 1]
254 MAC_ADDR_7 Mac address [coding 1]
255 ST_RSSE_EDMK_DERIV_CSTE_FUSE ST Encryption Decryption Master Key Derivation constant
Upper OTP region
256 OTP_RMA_LOCK_PSWD0 RMA lock password (128 bit)
257 OTP_RMA_LOCK_PSWD1
258 OTP_RMA_LOCK_PSWD2
259 OTP_RMA_LOCK_PSWD3
260 FIP-EDMK0 FIP encryption decryption master key (256-bit)
261 FIP-EDMK1
262 FIP-EDMK2
263 FIP-EDMK3
264 FIP-EDMK4
265 FIP-EDMK5
266 FIP-EDMK6
267 FIP-EDMK7
268 OEM Secrets available to customer
269 OEM Secrets available to customer
270 OEM Secrets available to customer
271 OEM Secrets available to customer
272 OEM Secrets available to customer
273 OEM Secrets available to customer
274 OEM Secrets available to customer
275 OEM Secrets available to customer
276 OEM Secrets available to customer
277 OEM Secrets available to customer
278 OEM Secrets available to customer
279 OEM Secrets available to customer
280 OEM Secrets available to customer
281 OEM Secrets available to customer
282 OEM Secrets available to customer
283 OEM Secrets available to customer
284 OEM Secrets available to customer
285 OEM Secrets available to customer
286 OEM Secrets available to customer
287 OEM Secrets available to customer
288 OEM Secrets available to customer
289 OEM Secrets available to customer
290 OEM Secrets available to customer
291 OEM Secrets available to customer
292 OEM Secrets available to customer
293 OEM Secrets available to customer
294 OEM Secrets available to customer
295 OEM Secrets available to customer
296 OEM Secrets available to customer
297 OEM Secrets available to customer
298 OEM Secrets available to customer
299 OEM Secrets available to customer
300 OEM Secrets available to customer
301 OEM Secrets available to customer
302 OEM Secrets available to customer
303 OEM Secrets available to customer
304 OEM Secrets available to customer
305 OEM Secrets available to customer
306 OEM Secrets available to customer
307 OEM Secrets available to customer
308 OEM Secrets available to customer
309 OEM Secrets available to customer
310 OEM Secrets available to customer
311 OEM Secrets available to customer
312 OEM Secrets available to customer
313 OEM Secrets available to customer
314 OEM Secrets available to customer
315 OEM Secrets available to customer
316 OEM Secrets available to customer
317 OEM Secrets available to customer
318 OEM Secrets available to customer
319 OEM Secrets available to customer
320 OEM Secrets available to customer
321 OEM Secrets available to customer
322 OEM Secrets available to customer
323 OEM Secrets available to customer
324 OEM Secrets available to customer
325 OEM Secrets available to customer
326 OEM Secrets available to customer
327 OEM Secrets available to customer
328 OEM Secrets available to customer
329 OEM Secrets available to customer
330 OEM Secrets available to customer
331 OEM Secrets available to customer
A35-TD flavor More info green.png M33-TD flavor More info green.png
Name Description Name Description
332 RPROC-FW-ENC-KEY0 Encryption/Decryption Key for remote processor firmware BL2_ASYM_PRVK_KEY0 BL2 Asymmetric private key for encryption
333 RPROC-FW-ENC-KEY1 BL2_ASYM_PRVK_KEY0
334 RPROC-FW-ENC-KEY2 BL2_ASYM_PRVK_KEY2
335 RPROC-FW-ENC-KEY3 BL2_ASYM_PRVK_KEY3
336 RPROC-FW-ENC-KEY4 BL2_ASYM_PRVK_KEY4
337 RPROC-FW-ENC-KEY5 BL2_ASYM_PRVK_KEY5
338 RPROC-FW-ENC-KEY6 BL2_ASYM_PRVK_KEY6
339 RPROC-FW-ENC-KEY7 BL2_ASYM_PRVK_KEY7
340 TF-M IAK0 Initial attestation 256-bit key (Symmetric or Asymmetric key)
341 TF-M IAK1
342 TF-M IAK2
343 TF-M IAK3
344 TF-M IAK4
345 TF-M IAK5
346 TF-M IAK6
347 TF-M IAK7
348 31-0 (32 bits) OEM KEY2 EDMK0 OEM master key used to derive FSBLM decryption key. This key must use Format 1.
349 31-0 (32 bits) OEM KEY2 EDMK1
350 31-0 (32 bits) OEM KEY2 EDMK2
351 31-0 (32 bits) OEM KEY2 EDMK3
352 31-0 (32 bits) OEM KEY2 EDMK4
353 31-0 (32 bits) OEM KEY2 EDMK5
354 31-0 (32 bits) OEM KEY2 EDMK6
355 31-0 (32 bits) OEM KEY2 EDMK7
356 31-0 (32 bits) OEM KEY1 EDMK0 OEM master key used to derive FSBLA or M decryption key. This key must use Format 1.
357 31-0 (32 bits) OEM KEY1 EDMK1
358 31-0 (32 bits) OEM KEY1 EDMK2
359 31-0 (32 bits) OEM KEY1 EDMK3
360 31-0 (32 bits) OEM KEY1 EDMK4
361 31-0 (32 bits) OEM KEY1 EDMK5
362 31-0 (32 bits) OEM KEY1 EDMK6
363 31-0 (32 bits) OEM KEY1 EDMK7
364 31-0 (32 bits) STM32PRVKEY0 STM32 ECC chip private key
365 31-0 (32 bits) STM32PRVKEY1
366 31-0 (32 bits) STM32PRVKEY2
367 31-0 (32 bits) STM32PRVKEY3
368 31-0 (32 bits) STM32PRVKEY4
369 31-0 (32 bits) STM32PRVKEY5
370 31-0 (32 bits) STM32PRVKEY6
371 31-0 (32 bits) STM32PRVKEY7
372 31-0 (32 bits) STM32PRVKEY8
373 31-0 (32 bits) STM32PRVKEY9
374 31-0 (32 bits) STM32PRVKEY10
375 31-0 (32 bits) STM32PRVKEY11
376 31-0 (32 bits) HWKEY0 Secret hardware unique key
377 31-0 (32 bits) HWKEY1
378 31-0 (32 bits) HWKEY2
379 31-0 (32 bits) HWKEY3
380 31-0 (32 bits) HWKEY4
381 31-0 (32 bits) HWKEY5
382 31-0 (32 bits) HWKEY6
383 31-0 (32 bits) HWKEY7

2. References[edit | edit source]

2.1. Key storage in OTP[edit | edit source]

Keys are represented as a string of byte to be stored in consecutive OTP words.

For example, a 64-bit key (0xAABBCCDDEEFF5566) is stored into two consecutive OTP words KEY0 and KEY1.

A key is stored in OTP words using one of the following formats:

  1. Jump up to: 1.0 1.1 1.2 1.3 KEY0 = 0xAABBCCDD, KEY1 = 0xEEFF5566
  2. Jump up to: 2.0 2.1 2.2 2.3 KEY0 = 0xDDCCBBAA, KEY1 = 0x6655FFEE



2.2. MAC address[edit | edit source]

  1. Jump up to: 1.0 1.1 1.2 1.3 1.4 1.5 1.6 1.7 Mac addresses are stored as octets list using the following coding convention:
    • OTP 247: mac_addr_1[4 first octets]
    • OTP 248: mac_addr_2[2 first octets] | mac_addr_1[2 last octets]
    • OTP 249: mac_addr_2[4 last octets]
    • OTP 250: mac_addr_3[4 first octets]
    • ...
    Example: 247 = 0xE37AE710 / 248 = 0xE710F495 / 249 = 0xF595E37A
    • mac_addr1 : 10:E7:7A:E3:95:F4
    • mac_addr2 : 10:E7:7A:E3:95:F5
    • ...
    Each MAC address is associated in U-Boot to an ethernet device with alias in device tree: ethernet0, ethernet1, ...
    On STM32MP257F-EV1 Evaluation board More info green.png the ETH2 use the first mac address (ethernet0 = &eth2), ETH1 use the second mac address (ethernet1 = &eth1).
    On STM32MP257F-DK Discovery kit More info green.png the ETH1 use the first mac address (ethernet0 = &eth1).
    On the default mapping the MAC 3, 4 and 5 are assigned to TSN switch (depending on product version).
    A unused MAC address (for example when TSN is not used) should be set to FF:FF:FF:FF:FF:FF, to avoids the trace "invalid MAC address" in U-Boot.

2.3. FSBL-M keys[edit | edit source]

  1. Jump up to: 1.0 1.1 1.2 By default STM32MP21x lines More info.png use OEM_KEY1_ROT and OEM_KEY1_EDMK for FSBLA and FSBLM. To use the dedicated FSBLM keys (OEM_KEY2_ROT and OEM_KEY2_EDMK) you must program bit 8 from OTP17.