The debugger can be used to access memory locations.
Any accesses to the address space include a new attribute NS-Attr, which is used to mark transactions as Non-secure or secure. The Security Extensions also define a new NS-Req attribute, which defines the security state that the core requests that the data transaction be performed in. Unless otherwise specified NS-Req is equal to the security state of the core.
Debugger accesses to memory, and any memory mapped registers are subject to the same security checks as data accesses generated by the processor, with the transaction attributes set as follows:
- NS-Req is set by the Debug Access Port (DAP) if DHCSR.S_SDE is 1.
- Otherwise NS-Req set to Non-secure.
Debugger accesses are subject to validation and attribution, that is, NS-Attr for debugger generated transactions is set by the Secure Attribution Unit (SAU) or Implementation Defined Attribution Unit (IDAU) in the same way as software generated accesses. However debugger accesses are not subject to any MPU checks.
If the SAU or IDAU blocks memory accesses originating from the debugger that do not have the required permission, an error response is returned to the DAP.
The debugger can request the access be performed as a Non-secure or a Secure access by setting the DAP register CSW.Prot to 1 or 0.