diff --git a/core/embed/boardloader/main.c b/core/embed/boardloader/main.c
index b9f62ee34f..7099797b59 100644
--- a/core/embed/boardloader/main.c
+++ b/core/embed/boardloader/main.c
@@ -19,7 +19,6 @@
 #include
-#include STM32_HAL_H
 #include TREZOR_BOARD
 #include "board_capabilities.h"
 #include "bootutils.h"
@@ -63,13 +62,10 @@
 #include "model.h"
 #include "monoctr.h"
 #include "option_bytes.h"
+#include "tamper.h"
 #include "trustzone.h"
 #include "version.h"
-#ifdef STM32U5
-#include "tamper.h"
-#endif
-
 const uint8_t BOARDLOADER_KEY_M = 2;
 const uint8_t BOARDLOADER_KEY_N = 3;
 static const uint8_t * const BOARDLOADER_KEYS[] = {
@@ -251,7 +247,7 @@ int main(void) {
 return 2;
 }
-#ifdef STM32U5
+#ifdef USE_TAMPER
 tamper_init();
 #endif
diff --git a/core/embed/bootloader/main.c b/core/embed/bootloader/main.c
index 05ccf93e51..bf66bef5a1 100644
--- a/core/embed/bootloader/main.c
+++ b/core/embed/bootloader/main.c
@@ -65,9 +65,6 @@
 #ifdef USE_HASH_PROCESSOR
 #include "hash_processor.h"
 #endif
-#ifdef STM32U5
-#include "irq.h"
-#endif
 #include "model.h"
 #include "usb.h"
@@ -85,7 +82,6 @@
 #include "emulator.h"
 #else
 #include "compiler_traits.h"
-#include STM32_HAL_H
 #endif
 #define USB_IFACE_NUM 0
@@ -346,7 +342,7 @@ void real_jump_to_firmware(void) {
 jump_to(IMAGE_CODE_ALIGN(FIRMWARE_START + vhdr.hdrlen + IMAGE_HEADER_SIZE));
 }
-#ifdef STM32U5
+#ifdef USE_RESET_TO_BOOT
 __attribute__((noreturn)) void jump_to_fw_through_reset(void) {
 display_fade(display_backlight(-1), 0, 200);
@@ -558,7 +554,7 @@ int bootloader_main(void) {
 } else {
 screen = SCREEN_WELCOME;
-#ifdef STM32U5
+#ifdef USE_STORAGE_HWKEY
 secret_bhk_regenerate();
 #endif
 ensure(erase_storage(NULL), NULL);
@@ -613,7 +609,7 @@ int bootloader_main(void) {
 screen = SCREEN_INTRO;
 }
 if (ui_result == 0x11223344) { // reboot
-#ifndef STM32U5
+#ifndef USE_HASH_PROCESSOR
 ui_screen_boot_stage_1(true);
 #endif
 continue_to_firmware = firmware_present;
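Review bot: In core/embed/boardloader/main.c the include of `tamper.h` (hunk at -63) is now unconditional, while the `tamper_init()` call in `main` (hunk at -251) stays under `#ifdef USE_TAMPER`, and the other files in this commit keep `secure_aes.h` under its feature flag. If `tamper.h` is only on the include path for targets that ship the tamper driver, a board built without `USE_TAMPER` would stop compiling; the diff does not show where the header lives, so this is unconfirmed. Keeping the include and the call under the same condition avoids the question: `#ifdef USE_TAMPER` / `#include "tamper.h"` / `#endif`.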
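Review bot: In core/embed/bootloader/main.c the reboot branch of `bootloader_main` (hunk at -613) now decides whether `ui_screen_boot_stage_1(true)` is drawn with `#ifndef USE_HASH_PROCESSOR`, a flag whose name says nothing about boot screens or resets. The later hunk at -675 in the same function draws the same screen in the `#else` branch of `#ifdef USE_RESET_TO_BOOT`, so a board that sets one flag without the other would have the two paths out of step. If the screen is skipped here because the jump goes through a reset, `#ifndef USE_RESET_TO_BOOT` would match the rest of the function; if it really depends on the hash processor, a one-line comment above the `#ifndef` stating that reason is needed. `bootloader_main` starts and ends outside the hunk.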
@@ -666,7 +662,7 @@ int bootloader_main(void) { // erase storage if we saw flips randomly flip, most likely due to // glitch -#ifdef STM32U5 +#ifdef USE_STORAGE_HWKEY secret_bhk_regenerate(); #endif ensure(erase_storage(NULL), NULL); @@ -675,7 +671,7 @@ int bootloader_main(void) { (continue_to_firmware == continue_to_firmware_backup), NULL); if (sectrue == continue_to_firmware) { -#ifdef STM32U5 +#ifdef USE_RESET_TO_BOOT firmware_jump_fn = jump_to_fw_through_reset; #else ui_screen_boot_stage_1(true); @@ -689,7 +685,7 @@ int bootloader_main(void) { ensure(dont_optimize_out_true * (firmware_present == firmware_present_backup), NULL); -#ifdef STM32U5 +#ifdef USE_RESET_TO_BOOT if (sectrue == firmware_present && firmware_jump_fn != jump_to_fw_through_reset) { firmware_jump_fn = real_jump_to_firmware; diff --git a/core/embed/bootloader/messages.c b/core/embed/bootloader/messages.c index f576ec3a61..10cda4aff2 100644 --- a/core/embed/bootloader/messages.c +++ b/core/embed/bootloader/messages.c @@ -720,7 +720,7 @@ int process_msg_FirmwareUpload(uint8_t iface_num, uint32_t msg_size, // if firmware is not upgrade, erase storage if (sectrue != should_keep_seed) { -#ifdef STM32U5 +#ifdef USE_STORAGE_HWKEY secret_bhk_regenerate(); #endif ensure(erase_storage(NULL), NULL); diff --git a/core/embed/kernel/main.c b/core/embed/kernel/main.c index b8abc3f544..47c8160ba5 100644 --- a/core/embed/kernel/main.c +++ b/core/embed/kernel/main.c @@ -17,8 +17,6 @@ * along with this program. If not, see . */ -#include STM32_HAL_H - #include #include "applet.h" @@ -73,7 +71,7 @@ static void optiga_log_hex(const char *prefix, const uint8_t *data, #endif void drivers_init() { -#ifdef STM32U5 +#ifdef USE_TAMPER tamper_init(); #endif @@ -101,7 +99,7 @@ void drivers_init() { display_init(DISPLAY_JUMP_BEHAVIOR); -#ifdef STM32U5 +#ifdef USE_OEM_KEYS_CHECK check_oem_keys(); #endif 
@@ -109,7 +107,7 @@ void drivers_init() {
 unit_properties_init();
-#ifdef STM32U5
+#ifdef USE_STORAGE_HWKEY
 secure_aes_init();
 #endif
diff --git a/core/embed/prodtest/main.c b/core/embed/prodtest/main.c
index 897b2d22f4..5ced433426 100644
--- a/core/embed/prodtest/main.c
+++ b/core/embed/prodtest/main.c
@@ -65,8 +65,11 @@
 #include "memzero.h"
-#ifdef STM32U5
+#ifdef USE_STORAGE_HWKEY
 #include "secure_aes.h"
+#endif
+
+#ifdef STM32U5
 #include "stm32u5xx_ll_utils.h"
 #else
 #include "stm32f4xx_ll_utils.h"
@@ -820,7 +823,7 @@ int main(void) {
 display_init(DISPLAY_JUMP_BEHAVIOR);
-#ifdef STM32U5
+#ifdef USE_STORAGE_HWKEY
 secure_aes_init();
 #endif
 #ifdef USE_HASH_PROCESSOR
diff --git a/core/embed/prodtest/optiga_prodtest.c b/core/embed/prodtest/optiga_prodtest.c
index 0a2953e9f8..577fb1fec0 100644
--- a/core/embed/prodtest/optiga_prodtest.c
+++ b/core/embed/prodtest/optiga_prodtest.c
@@ -33,10 +33,9 @@
 #include "secret.h"
 #include "sha2.h"
-#include STM32_HAL_H
 #include TREZOR_BOARD
-#ifdef STM32U5
+#ifdef USE_STORAGE_HWKEY
 #include "secure_aes.h"
 #endif
diff --git a/core/embed/trezorhal/flash.h b/core/embed/trezorhal/flash.h
index 68159e4e93..efcc610c37 100644
--- a/core/embed/trezorhal/flash.h
+++ b/core/embed/trezorhal/flash.h
@@ -26,20 +26,6 @@
 #include "flash_ll.h"
 #include "secbool.h"
-#ifndef TREZOR_EMULATOR
-#include STM32_HAL_H
-#endif
-
-#ifdef STM32U5
-
-#define FLASH_QUADWORD_WORDS (4)
-#define FLASH_QUADWORD_SIZE (FLASH_QUADWORD_WORDS * sizeof(uint32_t))
-
-#define FLASH_BURST_WORDS (8 * FLASH_QUADWORD_WORDS)
-#define FLASH_BURST_SIZE (FLASH_BURST_WORDS * sizeof(uint32_t))
-
-#endif
-
 void flash_init(void);
 #endif // TREZORHAL_FLASH_H
diff --git a/core/embed/trezorhal/stm32f4/layout.c b/core/embed/trezorhal/stm32f4/layout.c
index 3894e47b81..12c2a9530c 100644
--- a/core/embed/trezorhal/stm32f4/layout.c
+++ b/core/embed/trezorhal/stm32f4/layout.c
@@ -17,6 +17,10 @@
 * along with this program. If not, see .
 */
+#ifndef TREZOR_EMULATOR
+#include STM32_HAL_H
+#endif
+
 #include "flash.h"
 #include "layout_helpers.h"
 #include "model.h"
diff --git a/core/embed/trezorhal/stm32u5/layout.c b/core/embed/trezorhal/stm32u5/layout.c
index 7056196e83..89934a2201 100644
--- a/core/embed/trezorhal/stm32u5/layout.c
+++ b/core/embed/trezorhal/stm32u5/layout.c
@@ -17,6 +17,10 @@
 * along with this program. If not, see .
 */
+#ifndef TREZOR_EMULATOR
+#include STM32_HAL_H
+#endif
+
 #include "flash.h"
 #include "layout_helpers.h"
 #include "model.h"
diff --git a/core/site_scons/models/D002/discovery2.py b/core/site_scons/models/D002/discovery2.py
index ea9f6116c7..bba1a17449 100644
--- a/core/site_scons/models/D002/discovery2.py
+++ b/core/site_scons/models/D002/discovery2.py
@@ -96,7 +96,14 @@ def configure(
 features_available.append("xframebuffer")
 features_available.append("display_rgba8888")
- defines += ["USE_HASH_PROCESSOR=1"]
+ defines += [
+ "USE_HASH_PROCESSOR=1",
+ "USE_STORAGE_HWKEY=1",
+ "USE_TAMPER=1",
+ "USE_FLASH_BURST=1",
+ "USE_OEM_KEYS_CHECK=1",
+ "USE_RESET_TO_BOOT=1",
+ ]
 env.get("ENV")["LINKER_SCRIPT"] = linker_script
diff --git a/core/site_scons/models/T3B1/trezor_t3b1_revB.py b/core/site_scons/models/T3B1/trezor_t3b1_revB.py
index 5ddb81ccc5..9ec01792ce 100644
--- a/core/site_scons/models/T3B1/trezor_t3b1_revB.py
+++ b/core/site_scons/models/T3B1/trezor_t3b1_revB.py
@@ -86,8 +86,15 @@ def configure(
 sources += ["vendor/stm32u5xx_hal_driver/Src/stm32u5xx_hal_tim.c"]
 defines += ["USE_CONSUMPTION_MASK=1"]
- defines += ["USE_HASH_PROCESSOR=1"]
- defines += ["USE_PVD=1"]
+ defines += [
+ "USE_HASH_PROCESSOR=1",
+ "USE_STORAGE_HWKEY=1",
+ "USE_TAMPER=1",
+ "USE_FLASH_BURST=1",
+ "USE_RESET_TO_BOOT=1",
+ "USE_OEM_KEYS_CHECK=1",
+ "USE_PVD=1",
+ ]
 env.get("ENV")["TREZOR_BOARD"] = board
 env.get("ENV")["MCU_TYPE"] = mcu
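Review bot: The same block of feature defines is pasted into discovery2.py here and again in trezor_t3b1_revB.py and trezor_t3t1_revE.py, with the entries in a different order in each copy. `USE_TAMPER`, `USE_OEM_KEYS_CHECK` and `USE_STORAGE_HWKEY` now gate `tamper_init()`, `check_oem_keys()` and the `secure_aes` hardware-key calls, which before this commit were compiled in for every STM32U5 build; a new or edited board file that drops one of them still builds and ships without that protection, with no warning. Keeping the list in one shared place for the STM32U5 models, for example a helper each `configure()` calls as `defines += stm32u5_common_defines()` (the name is only a suggestion), removes the copy-paste risk. `configure()` starts and ends outside the hunk.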
diff --git a/core/site_scons/models/T3T1/trezor_t3t1_revE.py b/core/site_scons/models/T3T1/trezor_t3t1_revE.py index 803a11c71b..238be0def2 100644 --- a/core/site_scons/models/T3T1/trezor_t3t1_revE.py +++ b/core/site_scons/models/T3T1/trezor_t3t1_revE.py @@ -132,8 +132,15 @@ def configure( features_available.append("optiga") defines += ["USE_OPTIGA=1"] - defines += ["USE_HASH_PROCESSOR=1"] - defines += ["USE_PVD=1"] + defines += [ + "USE_HASH_PROCESSOR=1", + "USE_STORAGE_HWKEY=1", + "USE_TAMPER=1", + "USE_FLASH_BURST=1", + "USE_RESET_TO_BOOT=1", + "USE_OEM_KEYS_CHECK=1", + "USE_PVD=1", + ] env.get("ENV")["TREZOR_BOARD"] = board env.get("ENV")["MCU_TYPE"] = mcu diff --git a/storage/flash_area.c b/storage/flash_area.c index f4953cf0c8..758c9a4fa5 100644 --- a/storage/flash_area.c +++ b/storage/flash_area.c @@ -122,7 +122,7 @@ secbool flash_area_write_quadword(const flash_area_t *area, uint32_t offset, #endif // not defined FLASH_BIT_ACCESS -#ifdef FLASH_BURST_SIZE +#ifdef USE_FLASH_BURST secbool flash_area_write_burst(const flash_area_t *area, uint32_t offset, const uint32_t *data) { uint16_t sector; @@ -174,7 +174,7 @@ secbool __wur flash_area_write_data_padded(const flash_area_t *area, const uint32_t *data32 = (const uint32_t *)data; while (total_size > 0) { -#ifdef FLASH_BURST_SIZE +#ifdef USE_FLASH_BURST if ((offset % FLASH_BURST_SIZE) == 0 && (offset + FLASH_BURST_SIZE) <= total_size) { if (data_size >= FLASH_BURST_SIZE) { diff --git a/storage/flash_ll.h b/storage/flash_ll.h index e6faaee09a..ddb167d822 100644 --- a/storage/flash_ll.h +++ b/storage/flash_ll.h 
@@ -30,6 +30,12 @@
 // 1. Non-uniform sector number on STM32F4
 // 2. Uniform page number on STM32U5
+#define FLASH_QUADWORD_WORDS (4)
+#define FLASH_QUADWORD_SIZE (FLASH_QUADWORD_WORDS * sizeof(uint32_t))
+
+#define FLASH_BURST_WORDS (8 * FLASH_QUADWORD_WORDS)
+#define FLASH_BURST_SIZE (FLASH_BURST_WORDS * sizeof(uint32_t))
+
 #define FLASH_BLOCK_SIZE (sizeof(uint32_t) * FLASH_BLOCK_WORDS)
 typedef uint32_t flash_block_t[FLASH_BLOCK_WORDS];
diff --git a/storage/storage.c b/storage/storage.c
index cff331cfb3..b32217d5af 100644
--- a/storage/storage.c
+++ b/storage/storage.c
@@ -37,7 +37,7 @@
 #include "optiga.h"
 #endif
-#ifdef STM32U5
+#ifdef USE_STORAGE_HWKEY
 #include "secure_aes.h"
 #endif
@@ -553,7 +553,7 @@ static void derive_kek_v4(const uint8_t *pin, size_t pin_len,
 ui_progress();
 }
-#ifdef STM32U5
+#ifdef USE_STORAGE_HWKEY
 uint8_t pre_kek[SHA256_DIGEST_LENGTH] = {0};
 pbkdf2_hmac_sha256_Final(&ctx, pre_kek);
 ensure(secure_aes_ecb_encrypt_hw(pre_kek, SHA256_DIGEST_LENGTH, kek,
@@ -611,7 +611,7 @@ static void stretch_pin(const uint8_t *pin, size_t pin_len,
 pbkdf2_hmac_sha256_Update(&ctx, PIN_ITER_COUNT / 10);
 ui_progress();
 }
-#ifdef STM32U5
+#ifdef USE_STORAGE_HWKEY
 uint8_t stretched_pin_tmp[SHA256_DIGEST_LENGTH] = {0};
 pbkdf2_hmac_sha256_Final(&ctx, stretched_pin_tmp);
 ensure(secure_aes_ecb_encrypt_hw(stretched_pin_tmp, SHA256_DIGEST_LENGTH,
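Review bot: `FLASH_QUADWORD_*` and `FLASH_BURST_*` are now defined in storage/flash_ll.h for every target, whereas core/embed/trezorhal/flash.h defined them only under `#ifdef STM32U5`. The two guards in storage/flash_area.c were switched to `USE_FLASH_BURST`, but any code outside this diff that still tests `#ifdef FLASH_BURST_SIZE` would now take the burst path on targets without burst writes, so the tree is worth a search for leftover uses before merging. Wrapping the two burst macros in `#ifdef USE_FLASH_BURST` / `#endif` would keep the old behaviour of the name simply not existing there. A short comment that these sizes describe the STM32U5 flash programming units would also help readers of this shared header.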
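Review bot: In storage/storage.c, `derive_kek_v4` (hunk at -553) and `stretch_pin` (hunk at -611) now select the `secure_aes_ecb_encrypt_hw` step with `USE_STORAGE_HWKEY`, a per-board build define, instead of the MCU type. The `#else` branch is outside both hunks, but presumably it derives the key without the hardware step, so the flag changes the resulting key: flipping it on a model with existing data would leave storage that no longer unlocks, and leaving it off drops the hardware binding. A comment at the first `#ifdef` would make that explicit: `// USE_STORAGE_HWKEY is part of the storage format: it changes the derived KEK and must stay fixed for a model once shipped.` Both functions start and end outside their hunks.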