12.8.5. Privilege

While the processor is in debug state, ARM instructions issued through the ITR are subject to different rules whether they can change the processor state. As a general rule, instructions in debug state are always permitted to change the processor state, unless the processor is in a state, mode, and configuration where there are security restrictions.

If the debugger uses the ITR to execute an instruction that is not permitted, the processor ignores the instruction and sets the sticky undefined bit, DSCR[8], to 1.

Accessing registers and memory

The processor accesses register bank and memory as indicated by the CPSR mode bits. For example, if the CPSR mode bits indicate the processor is in User mode, ARM register reads and returns the User mode banked registers, and memory accesses are presented to the MMU as not privileged.

Updating CPSR bits

If the debugger writes to the CPSR a value so that it sets the CPSR[4:0] bits to a processor mode where invasive debug is not permitted, this update of the CPSR[4:0] bits is ignored. Similarly, if invasive debug is not permitted for privilege modes in the current security state, writes to the CPSR privileged bits are ignored.

Table 12.55 shows which updates are permitted in debug state:

Table 12.55. Permitted updates to the CPSR in debug state

ModeSecure state[1] or Monitor modeDBGEN & SPIDENModify CPSR[4:0] to Monitor modeUpdate privileged CPSR bits[2]
UserYes0Update ignoredUpdate ignored
PrivilegedYes0PermittedPermitted
AnyNo0Update ignoredPermitted
AnyX1PermittedPermitted

[1] The processor is in secure state when CP15 SCR[0] nonsecure bit is set to 0.

[2] This column excludes the case where the debugger attempts to change CPSR[4:0] to Monitor mode, that is, it only includes updates of the A, I, or F bits, or the CPSR[4:0] bits to a mode other than Monitor.


Writing to the CPSR SCR

While in debug state, if the debugger forces the processor to execute a CP15 MCR instruction to write to the CP15 Secure Configuration Register (SCR), it is only permitted to execute if either of these conditions is true:

  • the processor is in a secure privileged mode including Monitor mode

  • the processor is in secure User mode, and both DBGEN and SPIDEN are asserted.

Note

  • Writes to the SCR while in nonsecure state are not permitted even if both DBGEN and SPIDEN are asserted, except if the processor is in Monitor mode because it is considered to be a secure privileged mode regardless of the value of the SCR[0] NS bit.

  • The processor treats attempts to write to the SCR when they are not permitted as Undefined instruction exceptions. See Exceptions in debug state for details of how the processor behaves when Undefined instruction exceptions occur while in debug state.

Coprocessor instructions

The rules for executing coprocessor instructions other than CP14 and CP15 while in debug state are the same as in normal state. CP14 debug instructions are always permitted while in debug state regardless of the debug permissions, processor mode, and security state.

Note

Nondebug CP14 instructions behave as CP15 instructions while in debug state.

For CP15 instructions, the processor behaves as follows:

  • If the debugger is permitted to execute an MSR instruction to change the CPSR[4:0] bits to a privileged mode, then the debugger is also permitted to access privileged CP15 registers. In this situation, the debugger is not required to switch the processor into a privileged mode before executing a privileged CP15 instruction.

  • If the processor is in nonsecure state and is permitted to change to Monitor mode, it must do so before issuing CP15 instructions that must be executed in a secure privileged mode. In this case, the processor is not automatically granted secure privileged permissions.

  • If the debugger tries to execute a CP15 instruction that is not permitted, the processor generates an Undefined Instruction exception. See Exceptions in debug state for information on how the processor behaves when Undefined instruction exceptions occur while in debug state.

Table 12.56 shows the CP14 and CP15 instruction execution rules.

Table 12.56. Accesses to CP15 and CP14 registers in debug state

ModeSCR[0]DBGEN & SPIDENAccess to CP14 registersAccess to banked CP15 registersAccess to restricted access CP15 registersAccess to configurable access CP15 registers
User00PermittedUndefinedUndefinedUndefined
User01PermittedSecurePermittedPermitted
Monitor0XPermittedSecurePermittedPermitted
Monitor1XPermittedNonsecurePermittedPermitted
PxM[1]0XPermittedSecurePermittedPermitted
User or PxM1XPermittedNonsecureUndefinedAs configured

[1] Any privileged mode excluding Secure Monitor mode.


Copyright © 2006-2009 ARM Limited. All rights reserved.ARM DDI 0344I
Non-Confidential