Executing privilege levels

I understand that in general, a processor can operate in one of two modes: a high-level resolution mode, which allows access to "protected" zones in the hardware, and a low-level resolution mode, which is used when accessing other processor functions.

I also understand that there is some form of protection mechanism that provides that only the operating system can run on the processor when it is in privileged high-level mode (sometimes called ring 0), and that when any user space process starts, the processor is in low privilege mode (ring 3).

My question is: How does the processor distinguish between an OS process running in call mode 0 and a user space process running in ring 3? What mechanism exists that ensures that a user-level process can never get privilege levels of 0?

+4
2 answers

It depends on the processor, but I will go with x86.

The processor does not understand the idea of the process. This is an abstraction of the OS for switching the current code. The CPU understands the privileges of running the code on which it resides.

In the paging operating system, the OS code is displayed on pages marked as supervisor in the page table, while user mode code is marked as user mode in the page table. When the CPU accesses any memory location, in this case the current instruction via EIP, the processor searches for virtual memory. After this search, the processor scans the page table and can check the supervisor / user mode flag and interpret the current instruction in this way.

+4
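An added example, not part of the answer above: a small C model of the supervisor/user check made during a two-level 32-bit x86 page walk, with the current privilege level taken from the low two bits of the CS selector. The tables, the selector values `0x08` and `0x1B`, and the names `check_access` and `setup_sample` are constructed for illustration; a supervisor write to a read-only page (governed by CR0.WP) is not modelled.

```c
#include <stdint.h>
#include <stdio.h>

/* Flag bits shared by 32-bit x86 page-directory and page-table entries. */
#define PG_PRESENT 0x1u /* bit 0: P */
#define PG_WRITE   0x2u /* bit 1: R/W */
#define PG_USER    0x4u /* bit 2: U/S, 1 = user-accessible, 0 = supervisor only */
/* Page-fault error-code bits reported by the CPU. */
#define PF_P  0x1u /* page was present: protection violation */
#define PF_WR 0x2u /* access was a write */
#define PF_US 0x4u /* access came from user mode (CPL 3) */
#define NO_FAULT 0xFFFFFFFFu

/* Constructed sample tables. Only directory slot 0 is populated, so this
   single page table stands in for "the table that PDE 0 points to". */
static uint32_t page_dir[1024], page_table[1024];

static void setup_sample(void) {
    page_dir[0]   = PG_PRESENT | PG_WRITE | PG_USER;
    page_table[0] = PG_PRESENT | PG_WRITE;           /* 0x0000: kernel page */
    page_table[1] = PG_PRESENT | PG_WRITE | PG_USER; /* 0x1000: user page */
    page_table[2] = PG_PRESENT | PG_USER;            /* 0x2000: user, read-only */
}

/* The current privilege level is the low two bits of the CS selector. */
static unsigned cpl_from_cs(uint16_t cs) { return cs & 3u; }

/* Permission check for one access.
   Returns NO_FAULT if allowed, otherwise the page-fault error code. */
static uint32_t check_access(uint32_t vaddr, uint16_t cs, int is_write) {
    int user = cpl_from_cs(cs) == 3;
    uint32_t err = (is_write ? PF_WR : 0) | (user ? PF_US : 0);
    uint32_t pde = page_dir[vaddr >> 22];
    if (!(pde & PG_PRESENT)) return err;          /* not present: P bit clear */
    uint32_t pte = page_table[(vaddr >> 12) & 0x3FFu];
    if (!(pte & PG_PRESENT)) return err;
    uint32_t eff = pde & pte; /* U/S and R/W must be set at both levels */
    if (user && !(eff & PG_USER)) return err | PF_P;
    if (user && is_write && !(eff & PG_WRITE)) return err | PF_P;
    return NO_FAULT;
}

int main(void) {
    setup_sample();
    printf("ring 3 read of kernel page: %#x\n", (unsigned)check_access(0x0000, 0x1B, 0));
    printf("ring 0 write of kernel page: %#x\n", (unsigned)check_access(0x0000, 0x08, 1));
    return 0;
}
```
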

The INT instruction automatically changes the flag / status / state register of the processor so that privileged instructions can be executed. The ring / privileged CPU level is indicated by the flag / status / status register inside the CPU. Privileged AND commands have certain bits of the status register to execute.

0

Source: https://habr.com/ru/post/1446684/

