The present disclosure provides trusted kernel-based anti-attack data processors. One exemplary processor comprises: a trusted kernel exception vector table configured to provide a handling entry for kernel switching; a trusted kernel stack pointer register storing a trusted kernel stack pointer that points to a trusted kernel stack space; and a trusted zone in the trusted kernel stack space, the trusted zone including a program status register storing a flag bit of a starting kernel for the kernel switching, a program pointer, and a general register. When the data processor performs kernel switching from a non-trusted kernel to a trusted kernel, the trusted kernel locates the handling entry for the kernel switching and performs the switching. An underlying software protection mechanism can be provided for switching entries of a trusted kernel. Therefore, security during switching processes between a trusted kernel and a non-trusted kernel can be improved.