CPU Rings
https://en.wikipedia.org/wiki/Protection_ring
On many processors (including x86) an instruction is run inside a certain CPU ring
Switching CPU rings is a “costly” operation (from a CPU perspective) that requires specialised CPU calls
Code running in a lower-level CPU ring cannot access resources allocated for code in a higher ring
- If code needs to run a more privileged operation, it needs to communicate in some manner (e.g. through
IPC or standardised
Standard Library calls) with a higher-privilege program
- E.g. a user program wanting to make disk writes
- If code needs to run a more privileged operation, it needs to communicate in some manner (e.g. through
IPC or standardised
Standard Library calls) with a higher-privilege program
Ring 0 is for Kernel Space and the most privileged code such as the kernel itself
Ring 1 and 2 are for Kernel Space but typically allocated to Device Drivers that need hardware access
Ring 3 is for User Space and other least privileged code