Privilege Levels

The point of privilege levels is to prevent a program from accessing a storage object that is more privileged than the program itself. Generally, this means that application programs are not able to access storage used by supervisory programs in any way. This also means it is safe to keep descriptions of storage used by the system in a descriptor table that can be accessed by applications, because the application cannot use those descriptors.

There are actually 3 distinct privilege levels associated with every storage access, and testing privilege level is a two-step process. The privilege level used to access a storage operand is the less privileged of CPL and RPL. The first step is to determine the actual privilege level with which to attempt the access. The second step is to compare the privilege level of the storage object (from the descriptor) to the result of the first step.

┌─────┬───────────────┬──────────────────────────────┐
│DPL  │Descriptor     │Bits 45 & 46 of descriptor.   │
│     │Privilege      │                              │
│     │Level.         │                              │
├─────┼───────────────┼──────────────────────────────┤
│RPL  │Requested      │2 low order bits of selector. │
│     │Privilege      │                              │
│     │Level.         │                              │
├─────┼───────────────┼──────────────────────────────┤
│CPL  │Current        │2 low order bits of CS.       │
│     │Privilege      │                              │
│     │Level.         │                              │
└─────┴───────────────┴──────────────────────────────┘

A more privileged (lower numbered) program may access the storage objects of a less privileged program. This is how the operating system returns structures and fills in data areas for an application.

Any attempt by a less privileged (higher numbered) program to access in any way a storage object which is more privileged generates a general protection exception.

     -----------------------------------------------
    |                                               |
    |                                               |
    |                   RING 3                      |
    |   ----------------------------------------    |
    |  |                                        |   |
    |  |                                        |   |
    |  |                RING 2                  |   |
    |  |       --------------------------       |   |
    |  |      |                          |      |   |
    |  |      |                          |      |   |
    |  |      |                          |      |   |
    |  |      |         RING 0           |      |   |
    |  |      |                          |      |   |
    |  |      |                          |      |   |
    |  |      |                          |      |   |
    |  |       --------------------------       |   |
    |  |                                        |   |
    |  |                                        |   |
    |  |                                        |   |
    |  |                                        |   |
    |   ----------------------------------------    |
    |    |           |           |           |      |
    |    |           |           |           |      |
    |    |  appl 1      shared      appl 2   |      |
    |    |           |           |           |      |
    |    |           |           |           |      |
     -----------------------------------------------