12.11. Kernel access with user permissions

There are instructions that allow code executing at EL1 (for example, an OS) to perform memory accesses with EL0 or application permissions. This can be used, for example, to de-reference pointers provided with system calls and to enable the OS to check that only data accessible to the application is accessed. This can be achieved using the LDTR or STTR instructions. When executed at EL1, these instructions perform the load or store as if executed at EL0. At all other Exception levels, LDTR and STTR behave like regular LDR or STR instructions. There are the usual size and signed and unsigned variants as normal load and store instructions, but with a smaller offset and restricted indexing options.

Copyright © 2015 ARM. All rights reserved.ARM DEN0024A