Intel 64 and IA-32 Architectures Software Developer's Manual Volume 1, Basic Architecture

PROCEDURE CALLS, INTERRUPTS, AND EXCEPTIONS

In this example, the highest privilege level 0 (at the center of the diagram) is used for
segments that contain the most critical code modules in the system, usually the
kernel of an operating system. The outer rings (with progressively lower privileges)
are used for segments that contain code modules for less critical software.

Code modules in lower privilege segments can only access modules operating at
higher privilege segments by means of a tightly controlled and protected interface
called a gate. Attempts to access higher privilege segments without going through a
protection gate and without having sufficient access rights cause a
general-protection exception (#GP) to be generated.

If an operating system or executive uses this multilevel protection mechanism, a call
to a procedure that is in a more privileged protection level than the calling procedure
is handled in a similar manner as a far call (see Section 6.3.2, “Far CALL and RET
Operation”). The differences are as follows:

- The segment selector provided in the CALL instruction references a special data
  structure called a call gate descriptor. Among other things, the call gate
  descriptor provides the following:
    - access rights information
    - the segment selector for the code segment of the called procedure
    - an offset into the code segment (that is, the instruction pointer for the called
      procedure)
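
The three items a call gate descriptor provides can be seen by decoding one. The following is an added example, not code from the manual: it assumes the 8-byte 32-bit call gate layout documented in Volume 3 (not shown on this page), and the names call_gate, decode_call_gate, gate_access_allowed and SAMPLE_GATE are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Fields of a 32-bit call gate descriptor (8 bytes; layout assumed from Vol. 3). */
struct call_gate {
    uint16_t selector;    /* code segment selector of the called procedure */
    uint32_t offset;      /* entry point (instruction pointer) in that segment */
    uint8_t  dpl;         /* access rights: least privileged level allowed to call */
    uint8_t  present;     /* access rights: P flag */
    uint8_t  type;        /* 0xC = 32-bit call gate */
    uint8_t  param_count; /* stack parameters copied on a privilege change */
};

/* Decode the raw little-endian descriptor bytes. Returns 0 on success,
 * -1 if the entry is not a 32-bit call gate (S flag set or type != 0xC). */
int decode_call_gate(const uint8_t d[8], struct call_gate *g)
{
    g->offset      = (uint32_t)d[0] | (uint32_t)d[1] << 8 |
                     (uint32_t)d[6] << 16 | (uint32_t)d[7] << 24;
    g->selector    = (uint16_t)(d[2] | d[3] << 8);
    g->param_count = d[4] & 0x1F;
    g->type        = d[5] & 0x0F;
    g->dpl         = (d[5] >> 5) & 0x03;
    g->present     = d[5] >> 7;
    return ((d[5] & 0x10) == 0 && g->type == 0xC) ? 0 : -1;
}

/* Privilege check on the gate: the caller's CPL and the selector's RPL must
 * both be numerically <= the gate DPL; a failed check results in #GP. */
int gate_access_allowed(const struct call_gate *g, unsigned cpl, unsigned rpl)
{
    unsigned effective = cpl > rpl ? cpl : rpl;
    return effective <= g->dpl;
}

/* Constructed sample: gate to selector 0x0008, offset 0x00401000, DPL 3. */
const uint8_t SAMPLE_GATE[8] = {0x00, 0x10, 0x08, 0x00, 0x02, 0xEC, 0x40, 0x00};

int main(void)
{
    struct call_gate g;
    if (decode_call_gate(SAMPLE_GATE, &g) != 0) return 1;
    printf("selector=0x%04x offset=0x%08x dpl=%u params=%u\n", (unsigned)g.selector,
           (unsigned)g.offset, (unsigned)g.dpl, (unsigned)g.param_count);
    printf("CPL 3 allowed: %d\n", gate_access_allowed(&g, 3, 3));
    return 0;
}
```
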

[Figure 6-3. Protection Rings: rings labeled Level 0 through Level 3, with the labels Operating System Kernel, Operating System Services (Device Drivers, Etc.), and Applications; privilege levels run from 0 (highest) to 3 (lowest).]