STM32H7Sx - Meaning of FLASH_OBKCR.NEXTKL within HDPL_0

Eliasvan · ‎2025-09-23

What is the meaning of the FLASH_OBKCR.NEXTKL field while executing within HDPL_0 (e.g., during execution of ST RSS)?

This question might seem irrelevant to me as I'm a user and user code will never execute within HDPL_0, but it might be important from a threat modeling point of view: does ST (by means of its RSS code) have access to HDPL_x user-provisioned AHKs (Application Hardware Keys) where x >= 1?

The reference manual states the following:

5.9.18 FLASH option byte key control register (FLASH_OBKCR)
"NEXTKL[1:0]: Next key level
00: OBKINDEX represents the index of the option byte key stored for the hide protection level
indicated in SBS_HDPLSR.
01: OBKINDEX represents the index of the option byte key stored for the hide protection level
indicated in SBS_HDPLSR plus one (e.g. if HDPL=1 in SBS_HDPLR the key of level 2 is
selected).
10 or 11: reserved"

Does this mean ST RSS (HDPL_0) can access:

HDPL_0 AHKs (when NEXTKL=00)
HDPL_1 AHKs (when NEXTKL=01)

but not:

HDPL_2 AHKs (no applicable NEXTKL value, candidate NEXTKL=10 is reserved)

?

KDJEM.1 · ‎2025-10-10

Hello @Eliasvan ;

I will check this internally and I will come back to you as soon as possible.

Internal ticket number: 219312 (This is an internal tracking number and is not accessible or usable by customers)

Thank you.

Kaouthar

To give better visibility on the answered topics, please click on Accept as Solution on the reply which solved your issue or answered your question.