Privilege Levels

From CPUDev Wiki

This page or section is a stub. You can help the wiki by accurately contributing to it.

A privilege level, or protection ring, is a mechanism that provides security and fault tolerance by restricting the use of, and access to, privileged functionality or resources (certain instructions, registers, memory and I/O) to specific modes or privilege levels of the CPU.


Common computer science literature describes four ring levels, Ring 0 to Ring 3. Ring 0 is the most privileged and Ring 3 the least privileged. The OS kernel usually runs in Ring 0 and user programs usually run in Ring 3. Rings 1 and 2, where supported by the CPU architecture and the OS, may be used for device drivers. Most operating systems, however, use only Ring 0 and Ring 3. On x86 the ring a thread is currently executing in is its Current Privilege Level (CPL), held in the low two bits of the CS segment selector.

On the x86 platform, further modes are informally numbered below Ring 0 to indicate that they are even more privileged than the kernel: hypervisor mode (VMX root) has been labelled Ring -1, System Management Mode Ring -2, and more recently Intel's Management Engine Ring -3[1]. These are descriptive labels, not CPL values the CPU encodes.


When an OS kernel is loaded, the CPU is in Ring 0, so the kernel has full access to privileged CPU instructions and to the available hardware. In practice that access is not entirely "full", because the modes labelled Ring -1, -2 and -3 above sit beneath the kernel and can intercept or override it.

When the kernel starts a user program (or a user-mode device driver, in the case of a microkernel), it switches the processor to Ring 3 before transferring control. The program therefore cannot modify the paging structures, execute privileged instructions, or tamper with the functioning of other programs, the kernel or the hardware; an attempt to do so raises a fault (on x86 typically a general protection fault) that returns control to the kernel.

When a user program or user-mode driver needs a well-defined privileged operation (e.g. reading from disk), it calls the kernel through a system call instruction (on x86, syscall or int 0x80), and the processor switches to Ring 0 at an entry point the kernel has configured in advance, not at an address of the caller's choosing. The kernel validates the request, performs the task, and returns to the caller, at which point the processor automatically switches back to Ring 3.