January 3, 2026
Stack Wars: Secure or Nah?
Determining Current Arm Cortex-M Security State with GDB
One-line trick proves if your chip is ‘secure’ — and the comments are on fire
TLDR: A single GDB command compares stack pointers to reveal whether an Arm Cortex‑M microcontroller runs in Secure or Non‑Secure mode. Commenters split between applauding the clean tip and mocking TrustZone’s complexity, with extra sparks from command‑line vs IDE debates and Zephyr vs FreeRTOS rivalry.
Embedded devs are losing it over a neat GDB trick that tells you if your tiny Arm chip is in “Secure” or “Non‑Secure” mode. The blog shows a one‑liner that prints four stack pointers—secure and non‑secure versions—and you match your current pointer to know the chip’s vibe. Simple, right? Cue drama. Command‑line purists cheer, shouting “show me the registers!” while IDE lovers grumble that vendor tools do this with a button. The hottest take: TrustZone (Arm’s security feature) on microcontrollers is “security cosplay” that adds headaches without real wins. Others clap back, saying products with crypto keys and firmware updates absolutely need this clarity.
Zephyr fans loved the example, tossing playful shade at FreeRTOS. A running gag all day: “SP knows your secrets,” and “bit 1 does all the work,” referencing the CONTROL register’s SPSEL flag. Debug veterans warned about chips locking you out when Secure mode is misconfigured—this one‑liner is their new panic check. Newcomers begged for more “explain like I’m five” content, and got it: secure vs non‑secure is just a safe room versus the living room. It’s rare, but the post united the community—by reigniting tool wars and security philosophy memes.
Key Points
- Armv8-M’s security extension (TrustZone) divides memory into Secure and Non-Secure regions, defining the core’s current security state.
- On Armv8-M, SP equals MSP in Handler mode; in Thread mode SP equals MSP if CONTROL.SPSEL=0 or PSP if CONTROL.SPSEL=1.
- With the security extension, MSP and PSP have Secure and Non-Secure variants (MSP_S/MSP_NS, PSP_S/PSP_NS), enabling security-state inference.
- Using the GDB command `i r sp psp_ns msp_ns psp_s msp_s`, matching SP to *_NS indicates Non-Secure; matching SP to *_S indicates Secure.
- Examples show Cortex-M33 reset in Secure Thread mode (SP=MSP_S) and a Zephyr RTOS main in Non-Secure Thread mode with SP=PSP_NS and CONTROL.SPSEL=1.
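The comparison in the key points can be scripted over captured `i r` output. The following is an added example, not code from the original blog post; the register values are constructed, and the "Ambiguous" result (SP matching no banked pointer, or pointers of both states, as when several are still zero) is an assumption about how to handle cases the summary does not cover.

```python
import re

BANKED = ("msp_s", "psp_s", "msp_ns", "psp_ns")

def parse_registers(text):
    """Parse GDB `info registers` lines: name, hex value, natural value."""
    regs = {}
    for line in text.splitlines():
        m = re.match(r"\s*(\w+)\s+(0x[0-9a-fA-F]+)", line)
        if m:
            regs[m.group(1).lower()] = int(m.group(2), 16)
    return regs

def security_state(regs):
    """Return (state, matching banked registers) by comparing SP to each bank."""
    missing = [r for r in ("sp",) + BANKED if r not in regs]
    if missing:
        raise ValueError(f"missing registers: {missing}")
    matches = [r for r in BANKED if regs[r] == regs["sp"]]
    # "_s" suffix is the Secure bank; "msp_ns"/"psp_ns" do not end in "_s".
    states = {"Secure" if r.endswith("_s") else "Non-Secure" for r in matches}
    if len(states) == 1:
        return states.pop(), matches
    return "Ambiguous", matches  # no match, or SP equals both an _S and an _NS value

# Constructed samples of `i r sp psp_ns msp_ns psp_s msp_s` (illustrative values).
RESET_SAMPLE = """\
sp             0x20000800          0x20000800
psp_ns         0x0                 0x0
msp_ns         0x0                 0x0
psp_s          0x0                 0x0
msp_s          0x20000800          0x20000800
"""
ZEPHYR_SAMPLE = """\
sp             0x20001f40          0x20001f40
psp_ns         0x20001f40          0x20001f40
msp_ns         0x20002800          0x20002800
psp_s          0x30000400          0x30000400
msp_s          0x30000c00          0x30000c00
"""
UNSET_SAMPLE = "".join(f"{r:<15}0x0\n" for r in ("sp",) + BANKED)

if __name__ == "__main__":
    for name, text in (("reset", RESET_SAMPLE), ("zephyr main", ZEPHYR_SAMPLE),
                       ("all zero", UNSET_SAMPLE)):
        print(name, "->", security_state(parse_registers(text)))
```

When the result is ambiguous, the SP comparison alone cannot settle the state and another source of truth is needed.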